From 5f0aab1fccab4c191b2083aea88e28856caf1a4c Mon Sep 17 00:00:00 2001
From: Mark Reynolds <mreynolds@redhat.com>
Date: Tue, 14 Jul 2015 10:09:00 -0400
Subject: [PATCH 18/20] Ticket 47910 - logconv.pl - validate start and end time
args
Description: Add validatation checks for the startTime/endTime configuration
arguments(-S, -E)
https://fedorahosted.org/389/ticket/47910
Reviewed by: rmeggins(Thanks!)
(cherry picked from commit 8495afa57ad837e3a51871a4f6da2a9978c8e711)
(cherry picked from commit 3bf1daaadd7e7c7b0f99d1f7a93d78598730269d)
---
ldap/admin/src/logconv.pl | 65 +++++++++++++++++++++++++++++++++++------------
1 file changed, 49 insertions(+), 16 deletions(-)
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
index ce4114e..7ca9084 100755
--- a/ldap/admin/src/logconv.pl
+++ b/ldap/admin/src/logconv.pl
@@ -24,6 +24,7 @@ use DB_File;
use sigtrap qw(die normal-signals);
use Archive::Tar;
use IO::Uncompress::AnyUncompress qw($AnyUncompressError);
+use Scalar::Util qw(looks_like_number);
Getopt::Long::Configure ("bundling");
Getopt::Long::Configure ("permute");
@@ -341,18 +342,18 @@ $connmsg{"P2"} = "Poll";
$connmsg{"U1"} = "Cleanly Closed Connections";
my %monthname = (
- "Jan" => 0,
- "Feb" => 1,
- "Mar" => 2,
- "Apr" => 3,
- "May" => 4,
- "Jun" => 5,
- "Jul" => 6,
- "Aug" => 7,
- "Sep" => 8,
- "Oct" => 9,
- "Nov" => 10,
- "Dec" => 11,
+ "jan" => 0,
+ "feb" => 1,
+ "mar" => 2,
+ "apr" => 3,
+ "may" => 4,
+ "jun" => 5,
+ "jul" => 6,
+ "aug" => 7,
+ "sep" => 8,
+ "oct" => 9,
+ "nov" => 10,
+ "dec" => 11,
);
@@ -411,11 +412,27 @@ sub convertTimeToSeconds {
my $logDate;
my @dateComps;
my ($timeMonth, $timeDay, $timeYear, $dateTotal);
+ $dateTotal = 0;
if ($log_line =~ / *([0-9A-Z\/]+)/i ){
$logDate = $1;
@dateComps = split /\//, $logDate;
-
- $timeMonth = 1 + $monthname{$dateComps[1]};
+ if ($#dateComps < 2) {
+ print "The date string ($log_line) is invalid, exiting...\n";
+ exit(1);
+ }
+ if (!looks_like_number($dateComps[0]) || length $dateComps[0] != 2) {
+ print "The date string ($log_line) has invalid day ($dateComps[0]), exiting...\n";
+ exit(1);
+ }
+ if ($monthname{lc $dateComps[1]} eq "") {
+ print "The date string ($log_line) has invalid month ($dateComps[1]), exiting...\n";
+ exit(1);
+ }
+ if (!looks_like_number($dateComps[2]) || length $dateComps[2] != 4 ) {
+ print "The date string ($log_line) has invalid year ($dateComps[2]), exiting...\n";
+ exit(1);
+ }
+ $timeMonth = 1 + $monthname{lc $dateComps[1]};
$timeMonth = $timeMonth * 3600 * 24 * 30;
$timeDay= $dateComps[0] * 3600 * 24;
$timeYear = $dateComps[2] * 365 * 3600 * 24;
@@ -425,10 +442,26 @@ sub convertTimeToSeconds {
my $logTime;
my @timeComps;
my ($timeHour, $timeMinute, $timeSecond, $timeTotal);
+ $timeTotal = 0;
if ($log_line =~ / *(:[0-9:]+)/i ){
$logTime = $1;
@timeComps = split /:/, $logTime;
-
+ if ($#timeComps < 3) {
+ print "The time string ($log_line) is invalid, exiting...\n";
+ exit(1);
+ }
+ if (!looks_like_number($timeComps[1]) || length $timeComps[1] != 2){
+ print "The time string ($log_line) has invalid hour ($timeComps[1]), exiting...\n";
+ exit(1);
+ }
+ if (!looks_like_number($timeComps[2]) || length $timeComps[2] != 2){
+ print "The time string ($log_line) has invalid minute ($timeComps[2]), exiting...\n";
+ exit(1);
+ }
+ if (!looks_like_number($timeComps[3]) || length $timeComps[3] != 2){
+ print "The time string ($log_line) has invalid second ($timeComps[3]), exiting...\n";
+ exit(1);
+ }
$timeHour = $timeComps[1] * 3600;
$timeMinute = $timeComps[2] * 60;
$timeSecond = $timeComps[3];
@@ -1796,7 +1829,7 @@ sub parseLineNormal
}
my ($date, $hr, $min, $sec) = split (':', $time);
my ($day, $mon, $yr) = split ('/', $date);
- my $newmin = timegm(0, $min, $hr, $day, $monthname{$mon}, $yr) - $tzoff;
+ my $newmin = timegm(0, $min, $hr, $day, $monthname{lc $mon}, $yr) - $tzoff;
$gmtime = $newmin + $sec;
print_stats_block( $s_stats );
reset_stats_block( $s_stats, $gmtime, $time.' '.$tzone );
--
1.9.3