Fix CVE-2024-46256 and CVE-2024-46257

- Schema validate against bad domain characters - Integration test for CVE POC examples - Cypress rewrite of plugins for file upload
2025-06-17 17:56:27 +00:00 · 2024-10-11 11:21:22 +10:00
parent 7c97516de6
commit c39d5433bc
19 changed files with 358 additions and 180 deletions
--- a/backend/schema/common.json
+++ b/backend/schema/common.json
@ -76,7 +76,7 @@
 			"uniqueItems": true,
 			"items": {
 				"type": "string",
-				"pattern": "^(?:\\*\\.)?(?:[^.*]+\\.?)+[^.]$"
+				"pattern": "^[^&| @!#%^();:/\\\\}{=+?<>,~`'\"]+$"
 			}
 		},
 		"enabled": {
--- a/backend/schema/components/error.json
+++ b/backend/schema/components/error.json
@ -0,0 +1,9 @@
+{
+	"type": "object",
+	"description": "Error",
+	"properties": {
+		"error": {
+			"$ref": "./error-object.json"
+		}
+	}
+}
--- a/backend/schema/paths/nginx/certificates/post.json
+++ b/backend/schema/paths/nginx/certificates/post.json
@ -72,6 +72,26 @@
 					}
 				}
 			}
+		},
+		"400": {
+			"description": "400 response",
+			"content": {
+				"application/json": {
+					"examples": {
+						"default": {
+							"value": {
+								"error": {
+									"code": 400,
+									"message": "Domains are invalid"
+								}
+							}
+						}
+					},
+					"schema": {
+						"$ref": "../../../components/error.json"
+					}
+				}
+			}
 		}
 	}
 }
--- a/backend/schema/paths/nginx/certificates/validate/post.json
+++ b/backend/schema/paths/nginx/certificates/validate/post.json
@ -50,6 +50,42 @@
 								"certificate_key": true
 							}
 						}
+					},
+					"schema": {
+						"type": "object",
+						"additionalProperties": false,
+						"required": ["certificate", "certificate_key"],
+						"properties": {
+							"certificate": {
+								"type": "object",
+								"additionalProperties": false,
+								"required": ["cn", "issuer", "dates"],
+								"properties": {
+									"cn": {
+										"type": "string"
+									},
+									"issuer": {
+										"type": "string"
+									},
+									"dates": {
+										"type": "object",
+										"additionalProperties": false,
+										"required": ["from", "to"],
+										"properties": {
+											"from": {
+												"type": "integer"
+											},
+											"to": {
+												"type": "integer"
+											}
+										}
+									}
+								}
+							},
+							"certificate_key": {
+								"type": "boolean"
+							}
+						}
 					}
 				}
 			}
@ -67,6 +103,9 @@
 								}
 							}
 						}
+					},
+					"schema": {
+						"$ref": "../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json
+++ b/backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json
+++ b/backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json
+++ b/backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json
+++ b/backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json
+++ b/backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json
+++ b/backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/streams/streamID/disable/post.json
+++ b/backend/schema/paths/nginx/streams/streamID/disable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}
--- a/backend/schema/paths/nginx/streams/streamID/enable/post.json
+++ b/backend/schema/paths/nginx/streams/streamID/enable/post.json
@ -50,7 +50,7 @@
 						}
 					},
 					"schema": {
-						"$ref": "../../../../../components/error-object.json"
+						"$ref": "../../../../../components/error.json"
 					}
 				}
 			}