This is an automated email from Gerrit.

Andreas Fritiofson ([email protected]) just uploaded a new patch set 
to Gerrit, which you can find at http://openocd.zylin.com/4335

-- gerrit

commit 98a97899e50c4e2b933636c2661afc169032ceb7
Author: Andreas Fritiofson <[email protected]>
Date:   Sat Jan 13 21:00:47 2018 +0100

    Prevent some forms of Cross Protocol Scripting attacks
    
    OpenOCD can be targeted by a Cross Protocol Scripting attack from
    a web browser running malicious code, such as the following PoC:
    
    var x = new XMLHttpRequest();
    x.open("POST", "http://127.0.0.1:4444", true);
    x.send("exec xcalc\r\n");
    
    This mitigation should provide some protection from browser-based
    attacks and is based on the corresponding fix in Redis:
    
    https://github.com/antirez/redis/blob/8075572207b5aebb1385c4f233f5302544439325/src/networking.c#L1758
    
    Change-Id: Ia96ebe19b74b5805dc228bf7364c7971a90a4581
    Signed-off-by: Andreas Fritiofson <[email protected]>
    Found-by: Josef Gajdusek <[email protected]>

diff --git a/src/server/startup.tcl b/src/server/startup.tcl
index 64ace40..dd1b31e 100644
--- a/src/server/startup.tcl
+++ b/src/server/startup.tcl
@@ -8,3 +8,14 @@ proc ocd_gdb_restart {target_id} {
        # one target
        reset halt
 }
+
+proc prevent_cps {} {
+       echo "Possible SECURITY ATTACK detected."
+       echo "It looks like somebody is sending POST or Host: commands to 
OpenOCD."
+       echo "This is likely due to an attacker attempting to use Cross 
Protocol Scripting"
+       echo "to compromise your OpenOCD instance. Connection aborted."
+       exit
+}
+
+proc POST {args} { prevent_cps }
+proc Host: {args} { prevent_cps }
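Review bot: the user-facing message in `prevent_cps` says "Connection aborted", but the handler ends with a bare `exit`; please confirm that on every server this script is loaded into (telnet and tcl) `exit` only closes the offending client session rather than terminating the OpenOCD process, since otherwise any web page that hits this check could take down a running debug session instead of just losing its own connection. A short comment above `proc prevent_cps {}` noting that `POST` and `Host:` are the first tokens of request lines a browser sends, with the Redis reference from the commit message, would also help a future maintainer understand why these two oddly named procs exist and keep them from being removed as dead code.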

-- 

_______________________________________________
OpenOCD-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openocd-devel