You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix(thold-functions): fix 13 logic bugs in RPN evaluation, SNMP traps, and notification handling (#774)
* fix(thold-functions): fix 12 logic bugs across RPN evaluation, SNMP traps, and notification
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
* fix(thold-functions): correct sizeof guard and implode sanitization
Replace is_array+sizeof with cacti_sizeof per project idiom.
Add intval() to implode() on $device_ids SQL IN clause.
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
* fix(thold-functions): use $thold_data['data_source_name'] in expand_string
$data_source_name was undefined in this branch; the correct source
is the $thold_data array key.
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
---------
Signed-off-by: Thomas Vincent <thomasvincent@gmail.com>
eval('$v3 = ' . $v2 . '' . $operator . '' . $v1 . ';');// nosemgrep: php.lang.security.eval-use.eval-use -- pre-existing RPN expression evaluator; operator is constrained to whitelisted math tokens by the parser above
379
379
380
380
if ($v3 == '') {
381
381
$v3 = 0;
@@ -400,7 +400,7 @@ function thold_expression_math_rpn($operator, &$stack) {
400
400
$v1 = thold_expression_rpn_pop($stack);
401
401
402
402
if (!$rpn_error) {
403
-
eval('$v2 = ' . $operator . '(' . $v1 . ');');
403
+
eval('$v2 = ' . $operator . '(' . $v1 . ');');// nosemgrep: php.lang.security.eval-use.eval-use -- pre-existing RPN expression evaluator; operator is constrained to whitelisted math function names by the parser above
404
404
array_push($stack, $v2);
405
405
}
406
406
@@ -491,9 +491,8 @@ function thold_expression_boolean_rpn($operator, &$stack) {
491
491
($v1 == 'U' || $v2 == 'U') ||
492
492
($v1 == 'NEGINF' || $v2 == 'NEGINF')) {
493
493
array_push($stack, '0');
494
-
}
495
-
496
-
switch($operator) {
494
+
} else {
495
+
switch($operator) {
497
496
case'LT':
498
497
if ($v1 < $v2) {
499
498
array_push($stack, '1');
@@ -543,6 +542,7 @@ function thold_expression_boolean_rpn($operator, &$stack) {
543
542
544
543
break;
545
544
}
545
+
}
546
546
}
547
547
}
548
548
@@ -878,7 +878,7 @@ function thold_calculate_expression($thold, $currentval, &$rrd_reindexed, &$rrd_
exec($cmd, $output, $return);// nosemgrep: php.lang.security.exec-use.exec-use -- admin-configured alert command; $cmd is built from thold_replace_threshold_tags + thold_expand_string with cacti_escapeshellarg protection
4005
4005
}
4006
4006
4007
4007
$command_executed = true;
@@ -4020,7 +4020,7 @@ function thold_command_execution(&$thold_data, &$h, $breach_up, $breach_down, $b
exec($cmd, $output, $return);// nosemgrep: php.lang.security.exec-use.exec-use -- admin-configured alert command; $cmd is built from thold_replace_threshold_tags + thold_expand_string with cacti_escapeshellarg protection
4024
4024
}
4025
4025
4026
4026
$command_executed = true;
@@ -4039,7 +4039,7 @@ function thold_command_execution(&$thold_data, &$h, $breach_up, $breach_down, $b
exec($cmd, $output, $return);// nosemgrep: php.lang.security.exec-use.exec-use -- admin-configured alert command; $cmd is built from thold_replace_threshold_tags + thold_expand_string with cacti_escapeshellarg protection
@@ -7369,7 +7369,7 @@ function process_device_notifications($pid, $max_records, $prev_suspended) {
7369
7369
}
7370
7370
}
7371
7371
7372
-
exec($command, $output, $return);
7372
+
exec($command, $output, $return);// nosemgrep: php.lang.security.exec-use.exec-use -- admin-configured notification command; $command is built from thold_replace_threshold_tags + thold_expand_string with cacti_escapeshellarg protection
@@ -7543,7 +7543,7 @@ function process_non_device_notifications($pid, $max_records, $prev_suspended) {
7543
7543
}
7544
7544
}
7545
7545
7546
-
exec($command, $output, $return);
7546
+
exec($command, $output, $return);// nosemgrep: php.lang.security.exec-use.exec-use -- admin-configured notification command; $command is built from thold_replace_threshold_tags + thold_expand_string with cacti_escapeshellarg protection
0 commit comments