inetLatency() fixed possible DOS intrusion

2021-02-12 08:35:31 +01:00
parent 3b7d8b72c0
commit 9a89964f84
8 changed files with 69 additions and 21 deletions
@@ -35,12 +35,9 @@ function inetChecksite(url, callback) {
  return new Promise((resolve) => {
    process.nextTick(() => {
      let urlSanitized = '';
-      const s = util.sanitizeShellString(url);
+      const s = util.sanitizeShellString(url, true);
      for (let i = 0; i <= 2000; i++) {
-        if (!(s[i] === undefined ||
-          s[i] === ' ' ||
-          s[i] === '{' ||
-          s[i] === '}')) {
+        if (!(s[i] === undefined)) {
          s[i].__proto__.toLowerCase = util.stringToLower;
          const sl = s[i].toLowerCase();
          if (sl && sl[0] && !sl[1]) {
@@ -126,7 +123,18 @@ function inetLatency(host, callback) {
  }

  host = host || '8.8.8.8';
-  const hostSanitized = (util.isPrototypePolluted() ? '8.8.8.8' : util.sanitizeShellString(host)).trim();
+  let hostSanitized = '';
+  const s = (util.isPrototypePolluted() ? '8.8.8.8' : util.sanitizeShellString(host, true)).trim();
+  for (let i = 0; i <= 2000; i++) {
+    if (!(s[i] === undefined)) {
+
+      s[i].__proto__.toLowerCase = util.stringToLower;
+      const sl = s[i].toLowerCase();
+      if (sl && sl[0] && !sl[1]) {
+        hostSanitized = hostSanitized + sl[0];
+      }
+    }
+  }

  return new Promise((resolve) => {
    process.nextTick(() => {
@@ -502,7 +502,7 @@ function countLines(lines, startingWith) {
  return uniqueLines.length;
 }

-function sanitizeShellString(str) {
+function sanitizeShellString(str, strict = false) {
  const s = str || '';
  let result = '';
  for (let i = 0; i <= 2000; i++) {
@@ -527,7 +527,10 @@ function sanitizeShellString(str) {
      s[i] === '\n' ||
      s[i] === '\'' ||
      s[i] === '`' ||
-      s[i] === '"')) {
+      s[i] === '"' ||
+      strict && s[i] === ' ' ||
+      strict && s[i] == '{' ||
+      strict && s[i] == ')')) {
      result = result + s[i];
    }
  }