diff options
author | 2025-10-02 11:51:08 +0200 | |
---|---|---|
committer | 2025-10-02 11:51:08 +0200 | |
commit | 48d0f1f0b94fe6538bec54559e6e1f1609877039 (patch) | |
tree | a964726ec9087cfea5b0b6b7909dd31886794b20 | |
parent | a931cb61a033949a9cc6a1b62bc1e267774b04a6 (diff) |
This is not a proof, but a line also ending with a curly bracket
has higher probability of being valid JSON.
Better safe than sorry... We are suffering a CVE in RouterOS:
https://www.cve.org/CVERecord?id=CVE-2025-10948
-rw-r--r-- | fw-addr-lists.rsc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/fw-addr-lists.rsc b/fw-addr-lists.rsc index 0c45f7e..d56d40f 100644 --- a/fw-addr-lists.rsc +++ b/fw-addr-lists.rsc @@ -103,7 +103,7 @@ :foreach Line in=[ :deserialize $Data delimiter="\n" from=dsv options=dsv.plain ] do={ :set Line ($Line->0); :local Address; - :if ([ :pick $Line 0 1 ] = "{") do={ + :if ([ :pick $Line 0 1 ] = "{" && [ :pick $Line ([ :len $Line ] - 1) ] = "}") do={ :do { :set Address [ :tostr ([ :deserialize from=json $Line ]->"cidr") ]; } on-error={ } |