diff options
author | Christian König <ckoenig@posteo.de> | 2022-09-27 00:40:09 +0300 |
---|---|---|
committer | Christian König <ckoenig@posteo.de> | 2022-09-27 00:40:09 +0300 |
commit | 276c480f5001465d994dacf6e30d1e1c2d0a3b0b (patch) | |
tree | e1dc3c05862603a24a43d0ea45db2c48ea2c065c /advanced | |
parent | 25ba68104b1b9c6300d45920514a06c1cccdb516 (diff) |
Return default port if non-numeric characters are set in pihole-FTL.conf for FTLPORT. FTL does the same in such case and provide the API on 4711no_port
Signed-off-by: Christian König <ckoenig@posteo.de>
Diffstat (limited to 'advanced')
-rwxr-xr-x | advanced/Scripts/utils.sh | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index ef7ad219..1174fa62 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -82,16 +82,14 @@ getFTLAPIPort(){ if [ -s "$FTLCONFFILE" ]; then # if FTLPORT is not set in pihole-FTL.conf, use the default port ftl_api_port="$({ grep '^FTLPORT=' "${FTLCONFFILE}" || echo "${DEFAULT_FTL_PORT}"; } | cut -d'=' -f2-)" - # Exploit prevention: unset the variable if there is malicious content - # Verify that the value read from the file is numeric - expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && unset ftl_api_port + # Exploit prevention: set the port to the default port if there is malicious (non-numeric) + # content set in pihole-FTL.conf + expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && ftl_api_port="${DEFAULT_FTL_PORT}" else # if there is no pihole-FTL.conf, use the default port ftl_api_port="${DEFAULT_FTL_PORT}" fi - # If the ftl_api_port contained malicious stuff, substitute with -1 - ftl_api_port=${ftl_api_port:=-1} echo "${ftl_api_port}" } |