| 406 |
+ |
+ |
| 407 |
+ |
+ |
| 408 |
1; |
1; |
| 409 |
|
diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm |
| 410 |
|
--- smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-03 14:18:15.780000000 -0400 |
| 411 |
|
+++ smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-03 14:18:39.640000000 -0400 |
| 412 |
|
@@ -234,9 +234,8 @@ |
| 413 |
|
#here we guess wan IP |
| 414 |
|
# are we server-gateway mode ? so external lan, should do |
| 415 |
|
# else we should guess from an external service |
| 416 |
|
-#my $internet_ip_address = get_internet_ip_address(); |
| 417 |
|
my $ExternalIP = $cdb->get('ExternalInterface')->prop('IPAddress'); |
| 418 |
|
-$ExternalIP=get_internet_ip_address() unless defined $ExternalIP; |
| 419 |
|
+$ExternalIP = get_internet_ip_address() unless defined $ExternalIP; |
| 420 |
|
|
| 421 |
|
#DNS |
| 422 |
|
my $IPAddress = $cdb->get('InternalInterface')->prop('IPAddress'); |
| 423 |
|
@@ -589,6 +588,8 @@ |
| 424 |
|
foreach my $rr ($reply->answer) { |
| 425 |
|
$ip= $rr->txtdata if $rr->can("txtdata"); |
| 426 |
|
$ip= $rr->address if $rr->can("address"); |
| 427 |
|
+ # untaint, dns output is tainted |
| 428 |
|
+ ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; |
| 429 |
|
return $ip if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; |
| 430 |
|
} |
| 431 |
|
} else { |
| 432 |
|
@@ -606,8 +607,9 @@ |
| 433 |
|
$ii++; |
| 434 |
|
last if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; |
| 435 |
|
} |
| 436 |
|
+ # not needed but in case, untaint |
| 437 |
|
+ ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; |
| 438 |
|
return $ip; |
| 439 |
|
} |
| 440 |
|
|
| 441 |
|
- |
| 442 |
|
1; |
Parent Directory
| 
Revision Log
| 
Revision Graph
| 
Patch
