Skip to content

O
OpnSense
Commit 5c8ceeae authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

firewall_aliases_edit.php add some validations, closes https://github.com/opnsense/core/issues/810

parent 29ddac46
Show whitespace changes
Inline Side-by-side
Showing with 41 additions and 29 deletions
src/www/firewall_aliases_edit.php
View file @ 5c8ceeae
...@@ -94,7 +94,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -94,7 +94,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
} else { } else {
$pconfig['address'] = implode(' ',$pconfig['host_url']); $pconfig['address'] = implode(' ',$pconfig['host_url']);
} }
unset($pconfig['host_url']);
foreach ($pconfig['detail'] as &$detailDescr) { foreach ($pconfig['detail'] as &$detailDescr) {
if (empty($detailDescr)) { if (empty($detailDescr)) {
$detailDescr = sprintf(gettext("Entry added %s"), date('r')); $detailDescr = sprintf(gettext("Entry added %s"), date('r'));
...@@ -108,6 +108,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -108,6 +108,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($pconfig['submit'])) { if (isset($pconfig['submit'])) {
$input_errors = array(); $input_errors = array();
// validate data // validate data
foreach ($pconfig['host_url'] as $detail_entry) {
if ($pconfig['type'] == 'host') {
if (!is_domain($detail_entry) && !is_ipaddr($detail_entry)) {
$input_errors[] = sprintf(gettext("%s doesn't appear to be a valid hostname or ip address"), $detail_entry) ;
}
} elseif ($pconfig['type'] == 'port') {
if (!is_port($detail_entry)) {
$input_errors[] = sprintf(gettext("%s doesn't appear to be a valid port number"), $detail_entry) ;
}
}
}
/* Check for reserved keyword names */ /* Check for reserved keyword names */
// Keywords not allowed in names // Keywords not allowed in names
...@@ -120,18 +132,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { ...@@ -120,18 +132,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
$reserved_ifs = get_configured_interface_list(false, true); $reserved_ifs = get_configured_interface_list(false, true);
$reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names); $reserved_keywords = array_merge($reserved_keywords, $reserved_ifs, $reserved_table_names);
foreach($reserved_keywords as $rk) foreach ($reserved_keywords as $rk)
if($rk == $pconfig['name']) if ($rk == $pconfig['name'])
$input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk); $input_errors[] = sprintf(gettext("Cannot use a reserved keyword as alias name %s"), $rk);
/* check for name interface description conflicts */ /* check for name interface description conflicts */
foreach($config['interfaces'] as $interface) { foreach ($config['interfaces'] as $interface) {
if($interface['descr'] == $pconfig['name']) { if ($interface['descr'] == $pconfig['name']) {
$input_errors[] = gettext("An interface description with this name already exists."); $input_errors[] = gettext("An interface description with this name already exists.");
break; break;
} }
} }
if ( is_validaliasname($pconfig['name']) !== true) { if (is_validaliasname($pconfig['name']) !== true) {
$input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _."; $input_errors[] = gettext("The alias name must be less than 32 characters long and may only consist of the characters") . " a-z, A-Z, 0-9, _.";
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023