[Webmin-maintainers] Bug#312565: marked as done (webmin-snort: conf_rules.cgi does not understand VARs (like $RULE_PATH))

Debian Bug Tracking System owner@bugs.debian.org
Tue, 14 Jun 2005 13:03:18 -0700 

Your message dated Tue, 14 Jun 2005 15:48:46 -0400
with message-id <E1DiHOw-0006UM-00@newraff.debian.org>
and subject line Bug#312565: fixed in webmin-snort 1.1-4
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 8 Jun 2005 20:05:19 +0000
>From paddy@panici.net Wed Jun 08 13:05:18 2005
Return-path: <paddy@panici.net>
Received: from homer.panici.net [207.234.224.187] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Dg6nM-0006r3-00; Wed, 08 Jun 2005 13:05:00 -0700
Received: from homer.panici.net (localhost.localdomain [127.0.0.1])
	by homer.panici.net (8.13.4/8.13.4/Debian-3) with ESMTP id j58K4pdb030776
	for <submit@bugs.debian.org>; Wed, 8 Jun 2005 20:04:51 GMT
Received: (from root@localhost)
	by homer.panici.net (8.13.4/8.13.4/Submit) id j58K4p2e030775;
	Wed, 8 Jun 2005 20:04:51 GMT
Message-Id: <200506082004.j58K4p2e030775@homer.panici.net>
Content-Type: multipart/mixed; boundary="===============0745683888=="
MIME-Version: 1.0
From: Paddy Smith <paddy@panici.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: webmin-snort: conf_rules.cgi does not understand VARs (like $RULE_PATH)
X-Mailer: reportbug 3.8
Date: Wed, 08 Jun 2005 20:04:51 +0000
X-panicinet-MailScanner: Found to be clean
X-panicinet-MailScanner-SpamCheck: not spam, SpamAssassin (score=-2.82,
	required 5, autolearn=not spam, ALL_TRUSTED -2.82)
X-panicinet-MailScanner-From: paddy@panici.net
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

This is a multi-part MIME message sent by reportbug.

--===============0745683888==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Package: webmin-snort
Version: 1.1-3
Severity: important
Tags: patch


The attached patch is intended to fix:

#286777 conf_rules.cgi: Rule file cannot be found (/etc/snort/$RULE_PATH/scan.rules).
#296481 Rule file cannot be found when viewing

It doesn't try to notice if its passed in a non-existent $VAR, but just
blithely replaces it with the empty string.  We're past access control at 
this point.

it's against webmin-snort_1.1-3

Here's the patch inline:

--- conf_rules.cgi.dist 2005-06-08 19:47:58.369061511 +0000
+++ conf_rules.cgi      2005-06-08 19:45:03.136592356 +0000
@@ -37,7 +37,10 @@

 # Some basic error checking
 &snort_error($text{'rule_norule'}) if !$in{'rule'};
-$rulefile = $config{'snort_rules_path'} . "/" . $in{'rule'} . ".rules";
+$rulefile = $in{'rule'};
+$conf = &get_config("var") if $rulefile =~ /\$/;
+$rulefile =~ s/\$(\w+)/$$conf{$1}->{'value'}/ while $rulefile =~ /\$/;
+$rulefile .= ".rules";
 &snort_error($text{'rule_nofile'}, " ($rulefile)") if (! -r $rulefile);

 # Grab the rule file and parse it into arrays

Regards,
Paddy

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages webmin-snort depends on:
hi  perl                          5.8.4-8    Larry Wall's Practical Extraction 
hi  snort                         2.3.2-3    Flexible Network Intrusion Detecti
hi  webmin                        1.180-3    web-based administration toolkit

-- no debconf information

--===============0745683888==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="conf_rules.cgi.patch"

--- conf_rules.cgi.dist	2005-06-08 19:47:58.369061511 +0000
+++ conf_rules.cgi	2005-06-08 19:45:03.136592356 +0000
@@ -37,7 +37,10 @@
 
 # Some basic error checking
 &snort_error($text{'rule_norule'}) if !$in{'rule'};
-$rulefile = $config{'snort_rules_path'} . "/" . $in{'rule'} . ".rules";
+$rulefile = $in{'rule'};
+$conf = &get_config("var") if $rulefile =~ /\$/;
+$rulefile =~ s/\$(\w+)/$$conf{$1}->{'value'}/ while $rulefile =~ /\$/ ;
+$rulefile .= ".rules";
 &snort_error($text{'rule_nofile'}, " ($rulefile)") if (! -r $rulefile);
 
 # Grab the rule file and parse it into arrays

--===============0745683888==--

---------------------------------------
Received: (at 312565-close) by bugs.debian.org; 14 Jun 2005 19:53:35 +0000
>From katie@ftp-master.debian.org Tue Jun 14 12:53:35 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1DiHTb-00060v-00; Tue, 14 Jun 2005 12:53:35 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1DiHOw-0006UM-00; Tue, 14 Jun 2005 15:48:46 -0400
From: jaldhar@debian.org (Jaldhar H. Vyas)
To: 312565-close@bugs.debian.org
X-Katie: $Revision: 1.56 $
Subject: Bug#312565: fixed in webmin-snort 1.1-4
Message-Id: <E1DiHOw-0006UM-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Tue, 14 Jun 2005 15:48:46 -0400
Delivered-To: 312565-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: webmin-snort
Source-Version: 1.1-4

We believe that the bug you reported is fixed in the latest version of
webmin-snort, which is due to be installed in the Debian FTP archive:

webmin-snort_1.1-4.diff.gz
  to pool/main/w/webmin-snort/webmin-snort_1.1-4.diff.gz
webmin-snort_1.1-4.dsc
  to pool/main/w/webmin-snort/webmin-snort_1.1-4.dsc
webmin-snort_1.1-4_all.deb
  to pool/main/w/webmin-snort/webmin-snort_1.1-4_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 312565@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jaldhar H. Vyas <jaldhar@debian.org> (supplier of updated webmin-snort package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 14 Jun 2005 14:46:25 -0400
Source: webmin-snort
Binary: webmin-snort
Architecture: source all
Version: 1.1-4
Distribution: unstable
Urgency: low
Maintainer: Debian Webmin maintainers <webmin-maintainers@lists.alioth.debian.org>
Changed-By: Jaldhar H. Vyas <jaldhar@debian.org>
Description: 
 webmin-snort - snort control module for webmin
Closes: 312565
Changes: 
 webmin-snort (1.1-4) unstable; urgency=low
 .
   * Allow conf_rules.cgi to understand VARs.  Thanks to Paddy Smith for
     the patch.  (Closes: #312565)
Files: 
 036032bef55f76dc590deb9975955023 667 admin optional webmin-snort_1.1-4.dsc
 da451411a5c4cd6a2f5fa565fd4d8baa 3270 admin optional webmin-snort_1.1-4.diff.gz
 66a6934711121fa6affe0e34e4f6c9fc 25402 admin optional webmin-snort_1.1-4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCryaM2kYOR+5txmoRAjz2AJ9h5gnpS7mudROPSan29NTKwhT1DwCfdKWH
MzqfGrCzQ1O8GomYJPmlfcA=
=l126
-----END PGP SIGNATURE-----