Project

General

Profile

Actions

Bug #10255

closed

status_logs_filter.php: PHP error when log entry contains invalid port

Added by Jim Pingle about 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Logging
Target version:
Start date:
02/12/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.5
Affected Architecture:
All

Description

On status_logs_filter.php if the filter.log contains a log entry with an invalid port, then a PHP error occurs:

[12-Feb-2020 10:47:01 America/Indiana/Indianapolis] PHP Warning:  getservbyport() expects parameter 1 to be integer, string given in /etc/inc/filter_log.inc on line 447

The get_port_with_service() function is assuming the port value is valid before running it through getservbyport(). This function is in source:src/etc/inc/syslog.inc@master on 2.5.0 and source:src/etc/inc/filter_log.inc@RELENG_2_4_5 on 2.4.5

An example offending firewall log entry is:

Feb 11 17:24:57 pfsense filterlog: 4294967295,,,0,ix0,short,pass,in,4,0x0,,54,23350,0,none,6,tcp,26,x.x.x.x,y.y.y.y,errormsg='tcp 6 [bad hdr length 0 - too short < 20]',
Actions

Also available in: Atom PDF