From 7373f92c80eb89941428468cd6b9d5c8879a7f93 Mon Sep 17 00:00:00 2001
From: Changqing Li <changqing.li@windriver.com>
Date: Wed, 4 Jan 2023 14:23:34 +0800
Subject: [PATCH] [DEV-2283] added validation of the scheduled report
generation URL to zabbix-web-service
Upstream-Status: Backport [https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/fdb03971867]
CVE: CVE-2022-46768
Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
.../zabbix_web_service/pdf_report_creator.go | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/src/go/cmd/zabbix_web_service/pdf_report_creator.go b/src/go/cmd/zabbix_web_service/pdf_report_creator.go
index 391b58b..8452a3d 100644
--- a/src/go/cmd/zabbix_web_service/pdf_report_creator.go
+++ b/src/go/cmd/zabbix_web_service/pdf_report_creator.go
@@ -29,6 +29,7 @@ import (
"net/http"
"net/url"
"strconv"
+ "strings"
"time"
"github.com/chromedp/cdproto/emulation"
@@ -123,6 +124,23 @@ func (h *handler) report(w http.ResponseWriter, r *http.Request) {
return
}
+ if u.Scheme != "http" && u.Scheme != "https" {
+ logAndWriteError(w, fmt.Sprintf("Unexpected URL scheme: \"%s\"", u.Scheme), http.StatusBadRequest)
+ return
+ }
+
+ if !strings.HasSuffix(u.Path, "/zabbix.php") {
+ logAndWriteError(w, fmt.Sprintf("Unexpected URL path: \"%s\"", u.Path), http.StatusBadRequest)
+ return
+ }
+
+ queryParams := u.Query()
+
+ if queryParams.Get("action") != "dashboard.print" {
+ logAndWriteError(w, fmt.Sprintf("Unexpected URL action: \"%s\"", queryParams.Get("action")), http.StatusBadRequest)
+ return
+ }
+
log.Tracef(
"making chrome headless request with parameters url: %s, width: %s, height: %s for report request from %s",
u.String(), req.Parameters["width"], req.Parameters["height"], r.RemoteAddr)
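Review bot: The three rejection messages interpolate request-controlled URL components with `\"%s\"`, so a scheme, path or action value containing newlines or control characters is written unescaped into the log and the error response; `%q` gives the same quoted form but escapes such bytes. Change each to the pattern `logAndWriteError(w, fmt.Sprintf("Unexpected URL scheme: %q", u.Scheme), http.StatusBadRequest)` (and likewise for the path and action lines). The action check also calls `queryParams.Get("action")` twice; reading it once into a local keeps the check and the message in agreement. The enclosing `report` method begins and ends outside this hunk, so where `u` is parsed and whether the scheme is already normalized cannot be confirmed from here.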
--
2.25.1