Project

General

Profile

Bug #10255

status_logs_filter.php: PHP error when log entry contains invalid port

Added by Jim Pingle about 2 months ago. Updated 27 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Logging
Target version:
Start date:
02/12/2020
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.4.5
Affected Architecture:
All

Description

On status_logs_filter.php if the filter.log contains a log entry with an invalid port, then a PHP error occurs:

[12-Feb-2020 10:47:01 America/Indiana/Indianapolis] PHP Warning:  getservbyport() expects parameter 1 to be integer, string given in /etc/inc/filter_log.inc on line 447

The get_port_with_service() function is assuming the port value is valid before running it through getservbyport(). This function is in source:src/etc/inc/syslog.inc@master on 2.5.0 and source:src/etc/inc/filter_log.inc@RELENG_2_4_5 on 2.4.5

An example offending firewall log entry is:

Feb 11 17:24:57 pfsense filterlog: 4294967295,,,0,ix0,short,pass,in,4,0x0,,54,23350,0,none,6,tcp,26,x.x.x.x,y.y.y.y,errormsg='tcp 6 [bad hdr length 0 - too short < 20]',

Associated revisions

Revision 7e7572ba (diff)
Added by Jim Pingle about 2 months ago

get_service_with_port(): Validate port contents. Fixes #10255

Revision ae9d8b76 (diff)
Added by Jim Pingle about 2 months ago

get_service_with_port(): Validate port contents. Fixes #10255

History

#1 Updated by Jim Pingle about 2 months ago

  • Target version set to 2.4.5

#2 Updated by Jim Pingle about 2 months ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

#3 Updated by Jim Pingle 27 days ago

  • Status changed from Feedback to Resolved

No PHP error with the affected log messages on 2.4.5.r.20200302.1200

Also available in: Atom PDF