--- rpms/smeserver-wireguard/contribs10/smeserver-wireguard-1.0-bz11721-init.patch 2021/11/03 04:25:38 1.9 +++ rpms/smeserver-wireguard/contribs10/smeserver-wireguard-1.0-bz11721-init.patch 2021/11/03 18:19:58 1.10 @@ -406,3 +406,37 @@ diff -Nur --no-dereference smeserver-wir + + 1; +diff -Nur --no-dereference smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm +--- smeserver-wireguard-1.0.old/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-03 14:18:15.780000000 -0400 ++++ smeserver-wireguard-1.0/root/usr/share/perl5/vendor_perl/esmith/FormMagick/Panel/wireguard.pm 2021-11-03 14:18:39.640000000 -0400 +@@ -234,9 +234,8 @@ + #here we guess wan IP + # are we server-gateway mode ? so external lan, should do + # else we should guess from an external service +-#my $internet_ip_address = get_internet_ip_address(); + my $ExternalIP = $cdb->get('ExternalInterface')->prop('IPAddress'); +-$ExternalIP=get_internet_ip_address() unless defined $ExternalIP; ++$ExternalIP = get_internet_ip_address() unless defined $ExternalIP; + + #DNS + my $IPAddress = $cdb->get('InternalInterface')->prop('IPAddress'); +@@ -589,6 +588,8 @@ + foreach my $rr ($reply->answer) { + $ip= $rr->txtdata if $rr->can("txtdata"); + $ip= $rr->address if $rr->can("address"); ++ # untaint, dns output is tainted ++ ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; + return $ip if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; + } + } else { +@@ -606,8 +607,9 @@ + $ii++; + last if $ip =~ /(\d+\.\d+\.\d+\.\d+)/; + } ++ # not needed but in case, untaint ++ ($ip) = $ip =~ /(\d+\.\d+\.\d+\.\d+)/; + return $ip; + } + +- + 1;