From 3c11b2200d234e5750475ce548db1e48bba0956e Mon Sep 17 00:00:00 2001 From: Sebastian Hildebrandt Date: Tue, 19 Sep 2023 15:52:20 +0200 Subject: [PATCH] wifi sanitizing iface names --- lib/util.js | 1 + lib/wifi.js | 22 +++++++++++++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/lib/util.js b/lib/util.js index 6db68ffb..de1255d1 100644 --- a/lib/util.js +++ b/lib/util.js @@ -709,6 +709,7 @@ function sanitizeShellString(str, strict) { (strict && s[i] === '@') || (strict && s[i] === ' ') || (strict && s[i] == '{') || + (strict && s[i] == ';') || (strict && s[i] == ')'))) { result = result + s[i]; } diff --git a/lib/wifi.js b/lib/wifi.js index 39ad08c3..eb3dcddb 100644 --- a/lib/wifi.js +++ b/lib/wifi.js @@ -401,7 +401,15 @@ function wifiNetworks(callback) { } }); if (iface) { - const res = getWifiNetworkListIw(iface); + let ifaceSanitized = ''; + const s = util.isPrototypePolluted() ? '---' : util.sanitizeShellString(iface); + for (let i = 0; i <= util.mathMin(s.length, 2000); i++) { + if (s[i] !== undefined) { + ifaceSanitized = ifaceSanitized + s[i]; + } + } + + const res = getWifiNetworkListIw(ifaceSanitized); if (res === -1) { // try again after 4 secs setTimeout(function (iface) { @@ -529,8 +537,16 @@ function wifiConnections(callback) { const ifaces = ifaceListLinux(); const networkList = getWifiNetworkListNmi(); ifaces.forEach(ifaceDetail => { - const nmiDetails = nmiDeviceLinux(ifaceDetail.iface); - const wpaDetails = wpaConnectionLinux(ifaceDetail.iface); + let ifaceSanitized = ''; + const s = util.isPrototypePolluted() ? '---' : util.sanitizeShellString(ifaceDetail.iface); + for (let i = 0; i <= util.mathMin(s.length, 2000); i++) { + if (s[i] !== undefined) { + ifaceSanitized = ifaceSanitized + s[i]; + } + } + + const nmiDetails = nmiDeviceLinux(ifaceSanitized); + const wpaDetails = wpaConnectionLinux(ifaceSanitized); const ssid = nmiDetails.ssid || wpaDetails.ssid; const network = networkList.filter(nw => nw.ssid === ssid); const nmiConnection = nmiConnectionLinux(ssid);