mike/systeminformation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sanitizeShellString() improvement

Browse Source
This commit is contained in:
Sebastian Hildebrandt 2021-03-14 18:08:45 +01:00
parent 41b3059f21
commit af9b8a522e
5 changed files with 31 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -77,6 +77,7 @@ For major (breaking) changes - **version 4, 3 and 2** - see end of page.
| Version | Date | Comment | | Version | Date | Comment |
| -------------- | -------------- | -------- | | -------------- | -------------- | -------- |
| 5.6.3 | 2021-03-10 | `sanitizeShellString()` improvement |
| 5.6.2 | 2021-03-10 | `networkInterfaces()` `cpu()` improvement (win) | | 5.6.2 | 2021-03-10 | `networkInterfaces()` `cpu()` improvement (win) |
| 5.6.1 | 2021-03-03 | `get()` fixed issue boolean parameters | | 5.6.1 | 2021-03-03 | `get()` fixed issue boolean parameters |
| 5.6.0 | 2021-03-03 | `cpuTemperature()` added socket and chipset temp (linux) | | 5.6.0 | 2021-03-03 | `cpuTemperature()` added socket and chipset temp (linux) |

5
docs/history.html
View File

@ -56,6 +56,11 @@
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr>
<th scope="row">5.6.3</th>
<td>2021-03-14</td>
<td><span class="code">sanitizeShellString()</span> improvements</td>
</tr>
<tr> <tr>
<th scope="row">5.6.2</th> <th scope="row">5.6.2</th>
<td>2021-03-10</td> <td>2021-03-10</td>

6
docs/index.html
View File

@ -166,11 +166,11 @@
<body> <body>
<header class="bg-image-full"> <header class="bg-image-full">
<div class="top-container"> <div class="top-container">
<a href="security.html" class="recommendation">Security advisory:<br>Update to v5.3.2</a> <a href="security.html" class="recommendation">Security advisory:<br>Update to v5.6.3</a>
<img class="logo" src="assets/logo.png"> <img class="logo" src="assets/logo.png">
<div class="title">systeminformation</div> <div class="title">systeminformation</div>
<div class="subtitle"><span id="typed"></span>&nbsp;</div> <div class="subtitle"><span id="typed"></span>&nbsp;</div>
<div class="version">New Version: <span id="version">5.6.2</span></div> <div class="version">New Version: <span id="version">5.6.3</span></div>
<button class="btn btn-light" onclick="location.href='https://github.com/sebhildebrandt/systeminformation'">View on Github <i class=" fab fa-github"></i></button> <button class="btn btn-light" onclick="location.href='https://github.com/sebhildebrandt/systeminformation'">View on Github <i class=" fab fa-github"></i></button>
</div> </div>
<div class="down"> <div class="down">
@ -209,7 +209,7 @@
<div class="title">Downloads last month</div> <div class="title">Downloads last month</div>
</div> </div>
<div class="col-xl-4 col-lg-4 col-md-4 col-12"> <div class="col-xl-4 col-lg-4 col-md-4 col-12">
<div class="numbers">395</div> <div class="numbers">397</div>
<div class="title">Dependents</div> <div class="title">Dependents</div>
</div> </div>
</div> </div>

17
docs/security.html
View File

@ -43,6 +43,23 @@
<div class="col-12 sectionheader"> <div class="col-12 sectionheader">
<div class="title">Security Advisories</div> <div class="title">Security Advisories</div>
<div class="text"> <div class="text">
<h2>Command Injection Vulnerability</h2>
<p><span class="bold">Affected versions:</span>
&lt; 5.6.3 and &lt; 4.34.13<br>
<span class="bold">Date:</span> 2021-03-14<br>
<span class="bold">CVE indentifier</span> -
</p>
<h4>Impact</h4>
<p>We had an issue that there was a possibility to perform a potential command injection possibility by passing a manipulated string prototype as a parameter to the following functions. Affected commands: <span class="code">inetLatency()</span>, <span class="code">inetChecksite()</span>, <span class="code">services()</span>, <span class="code">processLoad()</span>.</p>
<h4>Patch</h4>
<p>Problem was fixed with additional parameter checking. Please upgrade to version >= 5.6.3 (or >= 4.34.13 if you are using version 4).</p>
<h4>Workarround</h4>
<p>If you cannot upgrade, be sure to check or sanitize parameter strings that are passed to <span class="code">inetLatency()</span>, <span class="code">inetChecksite()</span>, <span class="code">services()</span>, <span class="code">processLoad()</span> (string only)</p>
<hr>
<br>
<h2>Insufficient File Scheme Validation</h2> <h2>Insufficient File Scheme Validation</h2>
<p><span class="bold">Affected versions:</span> <p><span class="bold">Affected versions:</span>
&lt; 5.3.2 and &lt; 4.34.12<br> &lt; 5.3.2 and &lt; 4.34.12<br>

9
lib/util.js
View File

@ -529,10 +529,11 @@ function sanitizeShellString(str, strict = false) {
s[i] === '\'' || s[i] === '\'' ||
s[i] === '`' || s[i] === '`' ||
s[i] === '"' || s[i] === '"' ||
strict && s[i] === '@' || s[i].length > 1 ||
strict && s[i] === ' ' || (strict && s[i] === '@') ||
strict && s[i] == '{' || (strict && s[i] === ' ') ||
strict && s[i] == ')')) { (strict && s[i] == '{') ||
(strict && s[i] == ')'))) {
result = result + s[i]; result = result + s[i];
} }
} }