
Commit a94dc0b

committed
improve session check security by just searching for sid=@xxx@
1 parent 94651d0 commit a94dc0b

4 files changed

+14
-24
lines changed


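--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.5
+2.6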

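--- a/www/exec.cgi
+++ b/www/exec.cgi
@@ -1,18 +1,7 @@
 #!/bin/tclsh
 
-load tclrega.so
 source session.tcl
 
-catch {
-set input $env(QUERY_STRING)
-set pairs [split $input &]
-foreach pair $pairs {
-if {0 != [regexp "^(\[^=]*)=(.*)$" $pair dummy varname val]} {
-set $varname $val
-}
-}
-}
-
 proc toString { str } {
 set map {
 "\"" "\\\""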

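--- a/www/exec1.cgi
+++ b/www/exec1.cgi
@@ -1,18 +1,7 @@
 #!/bin/tclsh
 
-load tclrega.so
 source session.tcl
 
-catch {
-set input $env(QUERY_STRING)
-set pairs [split $input &]
-foreach pair $pairs {
-if {0 != [regexp "^(\[^=]*)=(.*)$" $pair dummy varname val]} {
-set $varname $val
-}
-}
-}
-
 proc toString { str } {
 set map {
 "\"" "\\\""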

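old mode 100755
new mode 100644
--- a/www/session.tcl
+++ b/www/session.tcl
@@ -2,6 +2,18 @@
 
 load tclrega.so
 
+catch {
+set input $env(QUERY_STRING)
+set pairs [split $input &]
+set sid ""
+foreach pair $pairs {
+if {0 != [regexp "^sid=(@.*@)$" $pair dummy val]} {
+set sid $val
+break
+}
+}
+}
+
 proc check_session sid {
 if {[regexp {@([0-9a-zA-Z]{10})@} $sid all sidnr]} {
 set res [lindex [rega_script "Write(system.GetSessionVarStr('$sidnr'));"] 1]
@@ -10,4 +22,4 @@ proc check_session sid {
 }
 }
 return 0
-}
+}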
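Review bot: `set sid ""` sits inside the `catch` block after `set input $env(QUERY_STRING)`, so when QUERY_STRING is absent from the environment the error is swallowed and `sid` is never created; any later `$sid` reference in a caller would then fail with an unknown-variable error instead of seeing an empty session id. Moving the default out of the block, `set sid ""` placed before `catch {`, keeps the variable defined on every path. The loop pattern `^sid=(@.*@)$` accepts any characters between the two `@`, while `check_session` below only ever uses a run of ten alphanumerics; mirroring that form here, `{^sid=(@[0-9a-zA-Z]{10}@)$}`, would make the two checks agree and keep the accepted shape in one place. The bare `catch` also hides every error raised inside the block, including a malformed query string, which makes failures hard to diagnose from the server logs; capturing the message, `catch {...} err`, and logging it would preserve the best-effort behaviour without losing the cause.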
