diff options
| author | David Sommerseth <dazo@users.sourceforge.net> | 2009-04-01 23:15:39 +0200 |
|---|---|---|
| committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-04-01 23:15:39 +0200 |
| commit | ef24b50ee95a855bf84bcaefd4e8ae1954e45fe8 (patch) | |
| tree | 6c522aad4dca44489d42cf70b1825fbb7a01c345 /database/sqlite/firewalladmin.c | |
| parent | d3ee2cba48273b3f0da6d3adeaabbf642ce5c7ae (diff) | |
| download | eurephia-ef24b50ee95a855bf84bcaefd4e8ae1954e45fe8.tar.gz eurephia-ef24b50ee95a855bf84bcaefd4e8ae1954e45fe8.tar.xz eurephia-ef24b50ee95a855bf84bcaefd4e8ae1954e45fe8.zip | |
Security enhancement: Added check in eDBadmin* functions that the context is correct
Diffstat (limited to 'database/sqlite/firewalladmin.c')
| -rw-r--r-- | database/sqlite/firewalladmin.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/database/sqlite/firewalladmin.c b/database/sqlite/firewalladmin.c index 2877f76..6f0cf44 100644 --- a/database/sqlite/firewalladmin.c +++ b/database/sqlite/firewalladmin.c @@ -148,6 +148,12 @@ xmlDoc *eDBadminFirewallProfiles(eurephiaCTX *ctx, xmlDoc *srch) { DEBUG(ctx, 20, "Function call: eDBadminFirewallProfiles(ctx, {xmlDoc})"); assert( (ctx != NULL) && (srch != NULL) ); + if( (ctx->context_type != ECTX_ADMIN_CONSOLE) && (ctx->context_type != ECTX_ADMIN_WEB) ) { + eurephia_log(ctx, LOG_CRITICAL, 0, + "eurephia admin function call attempted with wrong context type"); + return NULL; + } + root_n = eurephiaXML_getRoot(ctx, srch, "firewall_profiles", 1); if( root_n == NULL ) { eurephia_log(ctx, LOG_CRITICAL, 0, "Invalid XML input."); |