diff options
| author | Brendan Coles <bcoles@gmail.com> | 2020-04-12 04:01:34 +0000 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2020-04-12 10:33:35 +0200 |
| commit | 2d699cd5dac48dcdd4318edeb2a27c9a10770742 (patch) | |
| tree | 2b1cea5d307fec47de5f61c9726b12277a5a5d0e | |
| parent | c8d0a2eb3c88a4d0751245ca83a1d01a87f2bb91 (diff) | |
| download | serenity-2d699cd5dac48dcdd4318edeb2a27c9a10770742.zip | |
LibWeb: Add port blacklist for ResourceLoader::load
`ResourceLoader::load` now rejects URLs which specify a `port`
associated with network services known to be vulnerable to
inter-protocol exploitation.
Fixes #1735
| -rw-r--r-- | Libraries/LibWeb/ResourceLoader.cpp | 17 | ||||
| -rw-r--r-- | Libraries/LibWeb/ResourceLoader.h | 1 |
2 files changed, 18 insertions, 0 deletions
diff --git a/Libraries/LibWeb/ResourceLoader.cpp b/Libraries/LibWeb/ResourceLoader.cpp index 7ef40f5cf5..cddb11ca2a 100644 --- a/Libraries/LibWeb/ResourceLoader.cpp +++ b/Libraries/LibWeb/ResourceLoader.cpp @@ -67,6 +67,11 @@ void ResourceLoader::load_sync(const URL& url, Function<void(const ByteBuffer&)> void ResourceLoader::load(const URL& url, Function<void(const ByteBuffer&)> success_callback, Function<void(const String&)> error_callback) { + if (is_port_blocked(url.port())) { + dbg() << "ResourceLoader::load: Error: blocked port " << url.port() << " for URL: " << url; + return; + } + if (url.protocol() == "file") { auto f = Core::File::construct(); f->set_filename(url.path()); @@ -112,4 +117,16 @@ void ResourceLoader::load(const URL& url, Function<void(const ByteBuffer&)> succ error_callback(String::format("Protocol not implemented: %s", url.protocol().characters())); } +bool ResourceLoader::is_port_blocked(int port) { + int ports[] { 1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42, + 43, 53, 77, 79, 87, 95, 101, 102, 103, 104, 109, 110, 111, 113, + 115, 117, 119, 123, 135, 139, 143, 179, 389, 465, 512, 513, 514, + 515, 526, 530, 531, 532, 540, 556, 563, 587, 601, 636, 993, 995, + 2049, 3659, 4045, 6000, 6379, 6665, 6666, 6667, 6668, 6669, 9000 }; + for (auto blocked_port : ports) + if (port == blocked_port) + return true; + return false; +} + } diff --git a/Libraries/LibWeb/ResourceLoader.h b/Libraries/LibWeb/ResourceLoader.h index 4a98b16591..9adfc169ee 100644 --- a/Libraries/LibWeb/ResourceLoader.h +++ b/Libraries/LibWeb/ResourceLoader.h @@ -55,6 +55,7 @@ private: Protocol::Client& protocol_client() { return *m_protocol_client; } RefPtr<Protocol::Client> m_protocol_client; + bool is_port_blocked(int port); }; } |