From e91ddef717add242ab926a4e4f25fa35a62b9831 Mon Sep 17 00:00:00 2001
From: andryyy
Date: Wed, 4 Mar 2020 12:35:15 +0100
Subject: [PATCH] [Web] Check smtp_tls_policy_map destination (more checks should be added)
---
 data/web/inc/functions.tls_policy_maps.inc.php | 16 ++++++++++++++++
 data/web/lang/lang.de.json | 1 +
 data/web/lang/lang.en.json | 1 +
 3 files changed, 18 insertions(+)
diff --git a/data/web/inc/functions.tls_policy_maps.inc.php b/data/web/inc/functions.tls_policy_maps.inc.php
index 70f9f8f0..011a16fd 100644
--- a/data/web/inc/functions.tls_policy_maps.inc.php
+++ b/data/web/inc/functions.tls_policy_maps.inc.php
@@ -10,6 +10,14 @@ function tls_policy_maps($_action, $_data = null, $attr = null) {
 $dest = idn_to_ascii(trim($_data['dest']), 0, INTL_IDNA_VARIANT_UTS46);
 $policy = strtolower(trim($_data['policy']));
 $parameters = (isset($_data['parameters']) && !empty($_data['parameters'])) ? $_data['parameters'] : '';
+ if (empty($dest) || in_array($dest, array('.', '*', '@'))) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
+ 'msg' => 'tls_policy_map_dest_invalid'
+ );
+ return false;
+ }
 if (!empty($parameters)) {
 foreach (explode(' ', $parameters) as $parameter) {
 if (!preg_match('/(.+)\=(.+)/i', $parameter)) {
@@ -66,6 +74,14 @@ function tls_policy_maps($_action, $_data = null, $attr = null) {
 );
 continue;
 }
+ if (empty($dest) || in_array($dest, array('.', '*', '@'))) {
+ $_SESSION['return'][] = array(
+ 'type' => 'danger',
+ 'log' => array(__FUNCTION__, $_action, $_data, $_attr),
+ 'msg' => 'tls_policy_map_dest_invalid'
+ );
+ return false;
+ }
 if (!empty($parameters)) {
 foreach (explode(' ', $parameters) as $parameter) {
 if (!preg_match('/(.+)\=(.+)/i', $parameter)) {
diff --git a/data/web/lang/lang.de.json b/data/web/lang/lang.de.json
index 0ac478a1..99ae9d46 100644
--- a/data/web/lang/lang.de.json
+++ b/data/web/lang/lang.de.json
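Review bot: The added `'log'` entry passes `$_attr`, but the signature shown in the hunk header names the third parameter `$attr`, so unless `$_attr` is assigned somewhere outside the hunk the audit log records null for it and PHP reports an undefined variable; the identical line appears again in the second hunk (`@@ -66,6 +74,14 @@`). The line should read `'log' => array(__FUNCTION__, $_action, $_data, $attr),`. Separately, the guard is a deny-list of three literals for a value that becomes a TLS policy map lookup key, and the subject line already admits more checks are needed; matching `$dest` against the destination forms the map is meant to accept would fail closed, and `in_array($dest, array('.', '*', '@'), true)` avoids loose comparison. The function body begins and ends outside the hunk.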
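Review bot: In the second hunk the new guard ends with `return false;` while the check directly above it ends with `continue;`, which suggests this branch runs inside a loop over several entries; if so, a single invalid destination stops the remaining entries from being processed at all. Using `continue;` here would match the surrounding error handling. The hunk also does not show where `$dest` is assigned in this branch, so it is worth confirming that it is normalised the same way as in the first hunk (`idn_to_ascii(trim(...))`) before this test runs. The enclosing loop and function start outside the hunk.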
@@ -120,6 +120,7 @@
 "recipient_map_entry_exists": "Eine Empfängerumschreibung für Objekt \"%s\" existiert bereits",
 "tls_policy_map_entry_exists": "Eine TLS-Richtlinie \"%s\" existiert bereits",
 "tls_policy_map_parameter_invalid": "Parameter ist ungültig",
+ "tls_policy_map_dest_invalid": "Ziel ist ungültig",
 "temp_error": "Temporärer Fehler",
 "text_empty": "Text darf nicht leer sein",
 "subject_empty": "Betreff darf nicht leer sein",
diff --git a/data/web/lang/lang.en.json b/data/web/lang/lang.en.json
index 5878c6d6..abfec399 100644
--- a/data/web/lang/lang.en.json
+++ b/data/web/lang/lang.en.json
@@ -120,6 +120,7 @@
 "recipient_map_entry_exists": "A Recipient map entry \"%s\" exists",
 "tls_policy_map_entry_exists": "A TLS policy map entry \"%s\" exists",
 "tls_policy_map_parameter_invalid": "Policy parameter is invalid",
+ "tls_policy_map_dest_invalid": "Policy destination is invalid",
 "temp_error": "Temporary error",
 "text_empty": "Text must not be empty",
 "subject_empty": "Subject must not be empty",