Module: check_mk
Branch: master
Commit: 5e22035efcff6a9c485e947dcdfbeb0f3fa41752
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=5e22035efcff6a…
Author: Mathias Kettner <mk(a)mathias-kettner.de>
Date: Thu Dec 4 10:09:40 2014 +0100
#1625 FIX Safely handle characters that have a special meaning in regexes when creating
service-specific rules
When you click an icon or button for creating a service specific rule in
WATO then characters, that have a special meaning in regular expressions,
are now correctly escaped with backslashes. These characters are: <tt>(</tt>,
<tt>)</tt>, <tt>.</tt>, <tt>^</tt>,
<tt>$</tt>, <tt>[</tt>, <tt>]</tt>,
<tt>{</tt>, <tt>}</tt>, <tt>+</tt> and
<tt>*</tt>
---
.werks/1625 | 13 +++++++++++++
ChangeLog | 1 +
web/htdocs/lib.py | 8 ++++++++
web/htdocs/wato.py | 6 ++----
4 files changed, 24 insertions(+), 4 deletions(-)
diff --git a/.werks/1625 b/.werks/1625
new file mode 100644
index 0000000..bffa903
--- /dev/null
+++ b/.werks/1625
@@ -0,0 +1,13 @@
+Title: Safely handle characters that have a special meaning in regexes when creating
service-specific rules
+Level: 1
+Component: wato
+Compatible: compat
+Version: 1.2.5i7
+Date: 1417684044
+Class: fix
+
+When you click an icon or button for creating a service specific rule in
+WATO then characters, that have a special meaning in regular expressions,
+are now correctly escaped with backslashes. These characters are:
<tt>(</tt>,
+<tt>)</tt>, <tt>.</tt>, <tt>^</tt>,
<tt>$</tt>, <tt>[</tt>, <tt>]</tt>,
+<tt>{</tt>, <tt>}</tt>, <tt>+</tt> and
<tt>*</tt>
diff --git a/ChangeLog b/ChangeLog
index 90a0758..ef01d0b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -159,6 +159,7 @@
* 1576 FIX: SNMP Community host attribute is now visible for IE<=8...
* 1588 FIX: Renamed SNMP communities rule to SNMP credentials
* 1589 FIX: Restructured SNMP credentials rule specification...
+ * 1625 FIX: Safely handle characters that have a special meaning in regexes when
creating service-specific rules...
Notifications:
* 1512 Bulk notification can now be grouped according to custom macro values...
diff --git a/web/htdocs/lib.py b/web/htdocs/lib.py
index b372d7f..9da5812 100644
--- a/web/htdocs/lib.py
+++ b/web/htdocs/lib.py
@@ -399,6 +399,14 @@ def regex(r):
regex_cache[r] = rx
return rx
+def escape_regex_chars(text):
+ escaped = ""
+ for c in text:
+ if c in '().^$[]{}+*\\':
+ escaped += '\\'
+ escaped += c
+ return escaped
+
# Splits a word into sequences of numbers and non-numbers.
# Creates a tuple from these where the number are converted
diff --git a/web/htdocs/wato.py b/web/htdocs/wato.py
index d941df6..8c9f57d 100644
--- a/web/htdocs/wato.py
+++ b/web/htdocs/wato.py
@@ -3198,8 +3198,6 @@ def show_service_table(host, firsttime):
else:
html.button("_show_parameters", _("Show Check
Parameters"))
-
-
html.hidden_fields()
if html.var("_scan"):
html.hidden_field("_scan", "on")
@@ -14600,10 +14598,10 @@ def get_rule_conditions(ruleset):
return tag_list, host_list, item_list
-
def date_and_user():
return time.strftime("%F", time.localtime()) + " " +
config.user_id + ": "
+
def mode_edit_rule(phase, new = False):
# Due to localization this cannot be defined in the global context!
vs_rule_options = Dictionary(
@@ -14670,7 +14668,7 @@ def mode_edit_rule(phase, new = False):
host = html.var("host")
item = html.has_var("item") and mk_eval(html.var("item"))
or NO_ITEM
try:
- rule = create_rule(rulespec, host, item)
+ rule = create_rule(rulespec, host, escape_regex_chars(item))
except Exception, e:
if phase != "action":
html.message(_("Cannot create rule: %s") % e)