From 308173ba5281de704aa1deab3625e59bfcf4b73a Mon Sep 17 00:00:00 2001
From: Guillaume Mazoyer
Date: Thu, 18 Feb 2016 10:57:58 +0100
Subject: Reject AS path regex containing ; and ".

An AS path regex will be considered as invalid if any of the ; and " characters are used. These characters could be used to inject arbitrary command due to the router command line interpretation. This is a temporary fix for issue #13 while waiting for something better.
---
 includes/utils.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)
(limited to 'includes/utils.php')
diff --git a/includes/utils.php b/includes/utils.php
index 96982ea..4dfe132 100644
--- a/includes/utils.php
+++ b/includes/utils.php
@@ -209,10 +209,22 @@ function match_as($as) {
 }
 function match_aspath_regex($aspath_regex) {
+ // Empty AS path regex
 if (empty($aspath_regex)) {
 return false;
 }
+ // AS path containing a ; (not a valid character)
+ if (strpos($aspath_regex, ';') !== false) {
+ return false;
+ }
+
+ // AS path containing a " (not a valid character, the string is automatically
+ // quoted if needed)
+ if (strpos($aspath_regex, '"') !== false) {
+ return false;
+ }
+
 // TODO: validate a regex with a regex?
 return true;
 }
--
cgit v1.2.3
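Review bot: The two `strpos` checks added to `match_aspath_regex` are a deny-list of `;` and `"`, so every other character, including control characters such as line breaks, still passes validation and is handed on to the router command line that the commit message describes. An allow-list is the safer shape here: the `// TODO` could become `if (!preg_match('/^[0-9 _^$.*+?()\[\]|{},-]+\z/', $aspath_regex)) { return false; }`, with the exact character set confirmed against the AS path regex syntax of each supported router. Note the `\z` anchor rather than `$`, since `$` would still accept a trailing newline. Separately, `empty($aspath_regex)` also rejects the string `"0"`; if the argument is always a string, `$aspath_regex === ''` states the intent more precisely.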