Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Show the complete CGI environment in the error log on a 418 hack attempt error. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
0204f4aab5acb39bac06a24e2b50d6a7 |
| User & Date: | drh 2023-08-31 12:20:00.640 |
Context
|
2023-09-01
| ||
| 05:48 | Eliminate duplicate folders on the /dir page when using the Blitz skin, caused by [32297dde2bee23] and reported by Martin G. in /chat. ... (check-in: b6bb4a62be user: stephan tags: trunk) | |
|
2023-08-31
| ||
| 12:20 | Show the complete CGI environment in the error log on a 418 hack attempt error. ... (check-in: 0204f4aab5 user: drh tags: trunk) | |
|
2023-08-30
| ||
| 19:42 | Improvements to the tools/codecheck1.c injection-attack static analyzer tool. ... (check-in: 2afff83e7e user: drh tags: trunk) | |
Changes
Changes to src/alerts.c.
| ︙ | ︙ | |||
3473 3474 3475 3476 3477 3478 3479 |
return;
}
style_set_current_feature("alerts");
if( fossil_strcmp(P("name"),"test1")==0 ){
/* Visit the /announce/test1 page to see the CGI variables */
zAction = "announce/test1";
@ <p style='border: 1px solid black; padding: 1ex;'>
| | | 3473 3474 3475 3476 3477 3478 3479 3480 3481 3482 3483 3484 3485 3486 3487 |
return;
}
style_set_current_feature("alerts");
if( fossil_strcmp(P("name"),"test1")==0 ){
/* Visit the /announce/test1 page to see the CGI variables */
zAction = "announce/test1";
@ <p style='border: 1px solid black; padding: 1ex;'>
cgi_print_all(0, 0, 0);
@ </p>
}else if( P("submit")!=0 && cgi_csrf_safe(1) ){
char *zErr = alert_send_announcement();
style_header("Announcement Sent");
if( zErr ){
@ <h1>Internal Error</h1>
@ <p>The following error was reported by the system:
|
| ︙ | ︙ |
Changes to src/cgi.c.
| ︙ | ︙ | |||
1547 1548 1549 1550 1551 1552 1553 | @ @ <p>If you believe you are innocent and have reached this page in error, @ contact the Fossil developers on the Fossil-SCM Forum. Type @ "fossil-scm forum" into any search engine to locate the Fossil-SCM Forum. style_finish_page(); cgi_set_status(418,"I'm a teapot"); cgi_reply(); | | | 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 |
@
@ <p>If you believe you are innocent and have reached this page in error,
@ contact the Fossil developers on the Fossil-SCM Forum. Type
@ "fossil-scm forum" into any search engine to locate the Fossil-SCM Forum.
style_finish_page();
cgi_set_status(418,"I'm a teapot");
cgi_reply();
fossil_errorlog("Xpossible hack attempt - 418 response on \"%s\"", zName);
exit(0);
}
/*
** If looks_like_sql_injection() returns true for the given string, calls
** cgi_begone_spider() and does not return, else this function has no
** side effects. The range of checks performed by this function may
|
| ︙ | ︙ | |||
1757 1758 1759 1760 1761 1762 1763 | ** This is used for testing and debugging. ** ** Omit the values of the cookies unless showAll is true. ** ** The eDest parameter determines where the output is shown: ** ** eDest==0: Rendering as HTML into the CGI reply | | > | | | | > > > | | | > > > > > > > > | 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 |
** This is used for testing and debugging.
**
** Omit the values of the cookies unless showAll is true.
**
** The eDest parameter determines where the output is shown:
**
** eDest==0: Rendering as HTML into the CGI reply
** eDest==1: Written to fossil_trace
** eDest==2: Written to cgi_debug
** eDest==3: Written to out (Used only by fossil_errorlog())
*/
void cgi_print_all(int showAll, unsigned int eDest, FILE *out){
int i;
cgi_parameter("",""); /* Force the parameters into sorted order */
for(i=0; i<nUsedQP; i++){
const char *zName = aParamQP[i].zName;
const char *zValue = aParamQP[i].zValue;
if( fossil_stricmp("HTTP_COOKIE",zName)==0
|| fossil_strnicmp("fossil-",zName,7)==0
){
if( !showAll ) continue;
if( eDest==3 ) zValue = "...";
}
switch( eDest ){
case 0: {
cgi_printf("%h = %h <br>\n", zName, zValue);
break;
}
case 1: {
fossil_trace("%s = %s\n", zName, zValue);
break;
}
case 2: {
cgi_debug("%s = %s\n", zName, zValue);
break;
}
case 3: {
if( strlen(zValue)>100 ){
fprintf(out,"%s = %.100s...\n", zName, zValue);
}else{
fprintf(out,"%s = %s\n", zName, zValue);
}
break;
}
}
}
}
/*
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
2098 2099 2100 2101 2102 2103 2104 |
if( !cgi_same_origin() ){
isReadonly = 1;
db_protect(PROTECT_READONLY);
}
}
if( g.fCgiTrace ){
fossil_trace("######## Calling %s #########\n", pCmd->zName);
| | | 2098 2099 2100 2101 2102 2103 2104 2105 2106 2107 2108 2109 2110 2111 2112 |
if( !cgi_same_origin() ){
isReadonly = 1;
db_protect(PROTECT_READONLY);
}
}
if( g.fCgiTrace ){
fossil_trace("######## Calling %s #########\n", pCmd->zName);
cgi_print_all(1, 1, 0);
}
#ifdef FOSSIL_ENABLE_TH1_HOOKS
{
/*
** The TH1 return codes from the hook will be handled as follows:
**
** TH_OK: The xFunc() and the TH1 notification will both be executed.
|
| ︙ | ︙ | |||
2563 2564 2565 2566 2567 2568 2569 |
*/
char *zNow = cgi_iso8601_datestamp();
cgi_load_environment();
g.fDebug = fossil_fopen(blob_str(&value), "ab");
blob_reset(&value);
cgi_debug("-------- BEGIN cgi at %s --------\n", zNow);
fossil_free(zNow);
| | | 2563 2564 2565 2566 2567 2568 2569 2570 2571 2572 2573 2574 2575 2576 2577 |
*/
char *zNow = cgi_iso8601_datestamp();
cgi_load_environment();
g.fDebug = fossil_fopen(blob_str(&value), "ab");
blob_reset(&value);
cgi_debug("-------- BEGIN cgi at %s --------\n", zNow);
fossil_free(zNow);
cgi_print_all(1,2,0);
continue;
}
}
blob_reset(&config);
if( g.db==0 && g.zRepositoryName==0 && nRedirect==0 ){
cgi_panic("Unable to find or open the project repository");
}
|
| ︙ | ︙ |
Changes to src/printf.c.
| ︙ | ︙ | |||
1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 |
blob_reset(&b);
va_end(ap);
}
/*
** Write a message to the error log, if the error log filename is
** defined.
*/
void fossil_errorlog(const char *zFormat, ...){
struct tm *pNow;
time_t now;
FILE *out;
const char *z;
int i;
va_list ap;
static const char *const azEnv[] = { "HTTP_HOST", "HTTP_REFERER",
"HTTP_USER_AGENT",
"PATH_INFO", "QUERY_STRING", "REMOTE_ADDR", "REQUEST_METHOD",
"REQUEST_URI", "SCRIPT_NAME" };
if( g.zErrlog==0 ) return;
if( g.zErrlog[0]=='-' && g.zErrlog[1]==0 ){
out = stderr;
}else{
out = fossil_fopen(g.zErrlog, "a");
if( out==0 ) return;
}
now = time(0);
pNow = gmtime(&now);
fprintf(out, "------------- %04d-%02d-%02d %02d:%02d:%02d UTC ------------\n",
pNow->tm_year+1900, pNow->tm_mon+1, pNow->tm_mday,
pNow->tm_hour, pNow->tm_min, pNow->tm_sec);
va_start(ap, zFormat);
vfprintf(out, zFormat, ap);
fprintf(out, "\n");
va_end(ap);
| > > > > > > > > > > > | | | | | | | > | 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 |
blob_reset(&b);
va_end(ap);
}
/*
** Write a message to the error log, if the error log filename is
** defined.
**
** If the message format begins with 'X', then omit that X from the
** beginning of the message and add much more CGI context.
*/
void fossil_errorlog(const char *zFormat, ...){
struct tm *pNow;
time_t now;
FILE *out;
const char *z;
int i;
int bDetail = 0;
va_list ap;
static const char *const azEnv[] = { "HTTP_HOST", "HTTP_REFERER",
"HTTP_USER_AGENT",
"PATH_INFO", "QUERY_STRING", "REMOTE_ADDR", "REQUEST_METHOD",
"REQUEST_URI", "SCRIPT_NAME" };
if( g.zErrlog==0 ) return;
if( g.zErrlog[0]=='-' && g.zErrlog[1]==0 ){
out = stderr;
}else{
out = fossil_fopen(g.zErrlog, "a");
if( out==0 ) return;
}
now = time(0);
pNow = gmtime(&now);
fprintf(out, "------------- %04d-%02d-%02d %02d:%02d:%02d UTC ------------\n",
pNow->tm_year+1900, pNow->tm_mon+1, pNow->tm_mday,
pNow->tm_hour, pNow->tm_min, pNow->tm_sec);
va_start(ap, zFormat);
if( zFormat[0]=='X' ){
bDetail = 1;
zFormat++;
}
vfprintf(out, zFormat, ap);
fprintf(out, "\n");
va_end(ap);
if( bDetail ){
cgi_print_all(1,3,out);
}else{
for(i=0; i<count(azEnv); i++){
char *p;
if( (p = fossil_getenv(azEnv[i]))!=0 && p[0]!=0 ){
fprintf(out, "%s=%s\n", azEnv[i], p);
fossil_path_free(p);
}else if( (z = P(azEnv[i]))!=0 && z[0]!=0 ){
fprintf(out, "%s=%s\n", azEnv[i], z);
}
}
}
fclose(out);
}
/*
** The following variable becomes true while processing a fatal error
|
| ︙ | ︙ |
Changes to src/style.c.
| ︙ | ︙ | |||
832 833 834 835 836 837 838 |
Th_Unstore("title"); /* Avoid collisions with ticket field names */
cgi_destination(CGI_BODY);
g.cgiOutput = 1;
headerHasBeenGenerated = 1;
sideboxUsed = 0;
if( g.perm.Debug && P("showqp") ){
@ <div class="debug">
| | | 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 |
Th_Unstore("title"); /* Avoid collisions with ticket field names */
cgi_destination(CGI_BODY);
g.cgiOutput = 1;
headerHasBeenGenerated = 1;
sideboxUsed = 0;
if( g.perm.Debug && P("showqp") ){
@ <div class="debug">
cgi_print_all(0, 0, 0);
@ </div>
}
}
#if INTERFACE
/* Allowed parameters for style_adunit() */
#define ADUNIT_OFF 0x0001 /* Do not allow ads on this page */
|
| ︙ | ︙ | |||
1472 1473 1474 1475 1476 1477 1478 |
@ argv[%d(k)] = %h(blob_str(&t))<br>
blob_zero(&t);
}
}
@ <hr>
P("HTTP_USER_AGENT");
P("SERVER_SOFTWARE");
| | | 1472 1473 1474 1475 1476 1477 1478 1479 1480 1481 1482 1483 1484 1485 1486 |
@ argv[%d(k)] = %h(blob_str(&t))<br>
blob_zero(&t);
}
}
@ <hr>
P("HTTP_USER_AGENT");
P("SERVER_SOFTWARE");
cgi_print_all(showAll, 0, 0);
if( showAll && blob_size(&g.httpHeader)>0 ){
@ <hr>
@ <pre>
@ %h(blob_str(&g.httpHeader))
@ </pre>
}
}
|
| ︙ | ︙ |