CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3192 from Security-Onion-Solutions/bugfix/input-validation-fixes

Browse Source 
Bugfix/input validation fixes
This commit is contained in:
Mike Reeves
2021-03-01 09:27:48 -05:00
committed by GitHub
parent 55b6efba7b cf9be3521d
commit 64cc894948
2 changed files with 11 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/common/tools/sbin/so-common
View File

@@ -333,7 +333,7 @@ valid_ip4() {
valid_int() { valid_int() {
local num=$1 local num=$1
local min=${2:-1} local min=${2:-1}
local max=${3:-1000} local max=${3:-1000000000}
[[ $num =~ ^[0-9]*$ ]] && [[ $num -ge $min ]] && [[ $num -le $max ]] && return 0 || return 1 [[ $num =~ ^[0-9]*$ ]] && [[ $num -ge $min ]] && [[ $num -le $max ]] && return 0 || return 1
} }

20
setup/so-functions
View File

@@ -271,7 +271,7 @@ collect_adminuser_inputs() {
collect_cur_close_days() { collect_cur_close_days() {
whiptail_cur_close_days "$CURCLOSEDAYS" whiptail_cur_close_days "$CURCLOSEDAYS"
while ! valid_int "$CURCLOSEDAYS" "1"; do while ! valid_int "$CURCLOSEDAYS"; do
whiptail_invalid_input whiptail_invalid_input
whiptail_cur_close_days "$CURCLOSEDAYS" whiptail_cur_close_days "$CURCLOSEDAYS"
done done
@@ -322,7 +322,7 @@ collect_es_cluster_name() {
collect_es_space_limit() { collect_es_space_limit() {
whiptail_log_size_limit "$log_size_limit" whiptail_log_size_limit "$log_size_limit"
while ! valid_int "$log_size_limit" "1"; do # Upper/lower bounds? while ! valid_int "$log_size_limit"; do # Upper/lower bounds?
whiptail_invalid_input whiptail_invalid_input
whiptail_log_size_limit "$log_size_limit" whiptail_log_size_limit "$log_size_limit"
done done
@@ -368,7 +368,7 @@ collect_gateway() {
} }
collect_helix_key() { collect_helix_key() {
whiptail_helix_apikey # validate? whiptail_helix_apikey
} }
collect_homenet_mngr() { collect_homenet_mngr() {
@@ -398,7 +398,6 @@ collect_hostname() {
whiptail_set_hostname "$HOSTNAME" whiptail_set_hostname "$HOSTNAME"
if [[ $HOSTNAME == 'securityonion' ]]; then # Will only check HOSTNAME=securityonion once if [[ $HOSTNAME == 'securityonion' ]]; then # Will only check HOSTNAME=securityonion once
if ! (whiptail_avoid_default_hostname); then if ! (whiptail_avoid_default_hostname); then
whiptail_set_hostname whiptail_set_hostname
@@ -454,20 +453,10 @@ collect_mtu() {
collect_node_es_heap() { collect_node_es_heap() {
whiptail_node_es_heap "$ES_HEAP_SIZE" whiptail_node_es_heap "$ES_HEAP_SIZE"
while ! valid_int "$NODE_ES_HEAP_SIZE"; do
whiptail_invalid_input
whiptail_node_es_heap "$NODE_ES_HEAP_SIZE"
done
} }
collect_node_ls_heap() { collect_node_ls_heap() {
whiptail_node_ls_heap "$LS_HEAP_SIZE" whiptail_node_ls_heap "$LS_HEAP_SIZE"
while ! valid_int "$NODE_LS_HEAP_SIZE"; do
whiptail_invalid_input
whiptail_node_ls_heap "$NODE_LS_HEAP_SIZE"
done
} }
collect_node_ls_input() { collect_node_ls_input() {
@@ -500,7 +489,7 @@ collect_node_ls_pipeline_worker_count() {
collect_oinkcode() { collect_oinkcode() {
whiptail_oinkcode whiptail_oinkcode
while ! valid_string "$OINKCODE" "" "128"; do #TODO: verify max length here while ! valid_string "$OINKCODE" "" "128"; do
whiptail_invalid_input whiptail_invalid_input
whiptail_oinkcode "$OINKCODE" whiptail_oinkcode "$OINKCODE"
done done
@@ -569,6 +558,7 @@ collect_so_allow() {
collect_soremote_inputs() { collect_soremote_inputs() {
whiptail_create_soremote_user whiptail_create_soremote_user
SCMATCH=no SCMATCH=no
while [[ $SCMATCH != yes ]]; do while [[ $SCMATCH != yes ]]; do
whiptail_create_soremote_user_password1 whiptail_create_soremote_user_password1
whiptail_create_soremote_user_password2 whiptail_create_soremote_user_password2