${file} in page causes failure

[dwrolvink]

I have a weird issue. A page wasn't loading, and it turned out to be because of this code block:

${file}; 

More testing:

• ${file} anywhere, inside or outside codeblocks, will cause markserv to just keep loading
• ${fil}, ${a}, etc, doesn't give me any problems.

Does anyone have an idea why this happens? Sounds like possible code injection vulnerability perhaps?

[F1LT3R]

That's really odd.

Can you supply a test case file/snippet?

[F1LT3R]

I see what you're seeing. It's a bug in templating.

It assumes you're giving Markserv a file to include, eg: {file: somethingElse.md}.

If no link is supplied the behavior should be to not try and continue loading the file.

This fixes your problem:

// libs/server.js: 323

		file: (url, opts) => new Promise(resolve => {
			if (!url) {
				return resolve(false)
			}

Will try to get a fix for this soon.

That being said, there's a deeper issue here. Templating should be more solid, and I'm not sure it's actually being used by people. Perhaps it should be turned off by default.

Do you use templating?

[dwrolvink]

Hi, thanks for your reply! (Sorry for not responding earlier, the mail got lost in the "Forum" section of my mail, and I don't see any notifs in github).

I did not turn templating on, nor did I turn it off. I don't have a use for templating yet.

One would assume anything in a code block is escaped. So maybe parsing template code in a code block should be turned off entirely?

I tried common escape characters on ${file}, but though they helped the issue, they did so by showing up in the printed code block. That begs the question how one would make a markdown page about templating 😄

I'll try your solution today or tomorrow! (And afterwards I'll probably turn templating off).

[dwrolvink]

Your solution works like a charm!

For others having the same issue:
I installed markserv using yarn, and the global tag, so for me server.js is in ~/.config/yarn/global/node_modules/markserv/lib/.

• Just add the code that F1LT3R supplied, so you get:

               file: (url, opts) => new Promise(resolve => {
                        if (!url) {
                                return resolve(false)
                        }
                        const absUrl = path.join(opts.baseDir, url)
                        getFile(absUrl)
                                .then(data => {
                                        msg('implant', style.link(absUrl), flags)
                                        resolve(data)
                                })
                                .catch(err => {
                                        warnmsg('implant 404', style.link(absUrl), flags, err)
                                        resolve(false)
                                })
                }),

• Restart markserv

[Max-Z80]

I have the same problem; I have applied the solution described here and it solved it as well. I am running markserv 1.17.4. I would like to know when this issue is going to be fixed. It's been 1 year now... Thanks.

[F1LT3R]

Would you like to submit a PR @Max-Z80 ?

[Max-Z80]

@F1LT3R Sure !
But
Pre-commit tests are failiing.

max@boulot ~/git/markserv $ git commit -m "it fixes markserv/markserv#82"
husky > pre-commit (node v10.20.1)

> markserv@1.17.4 test /home/max/git/markserv
> xo && npm run cover


> markserv@1.17.4 cover /home/max/git/markserv
> nyc --reporter=lcov --reporter=html --reporter=text ava



  5 tests passed
  12 uncaught exceptions

  Uncaught exception in tests/dir.test.js
  Uncaught exception in tests/service.test.js
  Uncaught exception in tests/markserv-cli.test.js
  Uncaught exception in tests/markserv-cli-readme.test.js
  Uncaught exception in tests/markserv-cli-readme-dir-down.test.js
  Uncaught exception in tests/markserv-cli-file.test.js
  Uncaught exception in tests/markserv-cli-file.test.js
  Uncaught exception in tests/markserv-cli-file-diff-dir.test.js
  Uncaught exception in tests/markserv-cli-file-diff-dir.test.js
  Uncaught exception in tests/implant-less.test.js
  Uncaught exception in tests/implant-file.test.js
  Uncaught exception in tests/error-page-404.test.js

-------------|---------|----------|---------|---------|-----------------------------------------------------------------------------------------------------
File         | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s                                                                                   
-------------|---------|----------|---------|---------|-----------------------------------------------------------------------------------------------------
All files    |   45.23 |    34.68 |   27.27 |   45.29 |                                                                                                     
 cli-defs.js |     100 |      100 |     100 |     100 |                                                                                                     
 cli.js      |   90.32 |    66.67 |     100 |   90.32 | 18,41,56                                                                                            
 readme.js   |   86.27 |    54.55 |     100 |   86.27 | 25-26,37,44-45,67,92                                                                                
 server.js   |    34.2 |    23.26 |   20.51 |   34.12 | ...,215-247,252,257-258,263-264,269-295,313-374,382-532,551,559-570,595-620,625-635,644-668,682,710 
 splash.js   |   66.67 |       75 |   33.33 |   66.67 | 6,14-20                                                                                             
-------------|---------|----------|---------|---------|-----------------------------------------------------------------------------------------------------
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! markserv@1.17.4 cover: `nyc --reporter=lcov --reporter=html --reporter=text ava`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the markserv@1.17.4 cover script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/max/.npm/_logs/2020-04-30T17_49_55_166Z-debug.log
npm ERR! Test failed.  See above for more details.
husky > pre-commit hook failed (add --no-verify to bypass)

Nothing obvious to me.

[Max-Z80]

Found out the problem. It was my environment. Turns out that my machine was configured to support localhost on a IPV6 address while my kernel does not support IPV6.

[F1LT3R]

Thanks @Max-Z80 - I'll take a look this weekend.

[F1LT3R]

Sorry I didn't finish this yet @Max-Z80 - I've not forgotten you. I ran into issues with Travis no reporting whether tests passed on your PR. I'll try and get back to you in the next few days.