diff --git a/lib/Agent/Helpers.pm b/lib/Agent/Helpers.pm
index 24caae8..c0155e4 100644
--- a/lib/Agent/Helpers.pm
+++ b/lib/Agent/Helpers.pm
@@ -168,6 +168,10 @@ sub _execute($$$) {
my $config_file = $main::agent->config_file;
$params = '' unless defined($params);
+ if ($params !~ /^[\w\. \:\-]*$/) {
+ _exit_error("ERROR: Invalid Parameter");
+ }
+
DEBUG "Executing $path $config_file $params";
my $res = `$path $config_file $params 2>&1`;
diff --git a/lib/Agent/Helpers/Network.pm b/lib/Agent/Helpers/Network.pm
index 8ef4468..b0d5a8b 100644
--- a/lib/Agent/Helpers/Network.pm
+++ b/lib/Agent/Helpers/Network.pm
@@ -33,6 +33,10 @@ sub check_ip($$) {
my $if = shift;
my $ip = shift;
+ if ($ip !~ /^[\d\.]*$/) {
+ _exit_error("ERROR: Invalid IP Address");
+ }
+
my $output;
if ($OSNAME eq 'linux') {
$output = `/sbin/ip addr show dev $if`;
@@ -65,6 +69,10 @@ sub add_ip($$) {
my $if = shift;
my $ip = shift;
+ if ($ip !~ /^[\d\.]*$/) {
+ _exit_error("ERROR: Invalid IP Address");
+ }
+
my $output;
if ($OSNAME eq 'linux') {
$output = `/sbin/ip addr add $ip/32 dev $if`;
@@ -101,6 +109,10 @@ sub clear_ip($$) {
my $if = shift;
my $ip = shift;
+ if ($ip !~ /^[\d\.]*$/) {
+ _exit_error("ERROR: Invalid IP Address");
+ }
+
my $output;
if ($OSNAME eq 'linux') {
$output = `/sbin/ip addr del $ip/32 dev $if`;
@@ -130,6 +142,9 @@ sub send_arp($$) {
my $if = shift;
my $ip = shift;
+ if ($ip !~ /^[\d\.]*$/) {
+ _exit_error("ERROR: Invalid IP Address");
+ }
if ($OSNAME eq 'linux' || $OSNAME eq 'freebsd') {
my $mac = '';
diff --git a/lib/Common/Role.pm b/lib/Common/Role.pm
index 7cd4dc9..211ab5f 100644
--- a/lib/Common/Role.pm
+++ b/lib/Common/Role.pm
@@ -59,7 +59,7 @@ sub from_string($$) {
my $class = shift;
my $string = shift;
- if (my ($name, $ip) = $string =~ /(.*)\((.*)\)/) {
+ if (my ($name, $ip) = $string =~ /^([\w_\.\-]+)\(([\d\.]+)\)$/) {
return $class->new(name => $name, ip => $ip);
}
return undef;
diff --git a/lib/Common/Socket.pm b/lib/Common/Socket.pm
index 6adecd1..38e1f7b 100644
--- a/lib/Common/Socket.pm
+++ b/lib/Common/Socket.pm
@@ -80,6 +80,7 @@ sub create_sender($$$) {
SSL_cert_file => $main::config->{'socket'}->{cert_file},
SSL_key_file => $main::config->{'socket'}->{key_file},
SSL_ca_file => $main::config->{'socket'}->{ca_file},
+ SSL_verify_mode => 0x03 # SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT
);
}