author | jim-p <jimp@pfsense.org> | 2014-08-04 15:23:51 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2014-08-04 15:25:48 -0400 |
commit | 1de3a5dd51259be93371d6106f9f2ea689814d28 (patch) | |
tree | 5fbbd340f363092e5d586f353fb2056643828a77 | |
parent | 5a1450dc0c5c4808413b6154afdc305b82eed9ef (diff) | |
Fix input validation logic on diag_testport.php, escape more shell arguments for good measure
-rw-r--r-- | usr/local/www/diag_testport.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/usr/local/www/diag_testport.php b/usr/local/www/diag_testport.php
index c8aa6a3..024172e 100644
--- a/usr/local/www/diag_testport.php
+++ b/usr/local/www/diag_testport.php
@@ -68,7 +68,7 @@ if ($_POST || $_REQUEST['host']) {
 $input_errors[] = gettext("Please enter a valid port number.");
 }
- if (is_numeric($_REQUEST['srcport']) && !is_port($_REQUEST['srcport'])) {
+ if (!is_numeric($_REQUEST['srcport']) || !is_port($_REQUEST['srcport'])) {
 $input_errors[] = gettext("Please enter a valid source port number, or leave the field blank.");
 }
@@ -189,11 +189,11 @@ include("head.inc"); ?>
 echo '<pre>';
 $result = "";
 $nc_base_cmd = "/usr/bin/nc";
- $nc_args = "-w {$timeout}";
+ $nc_args = "-w " . escapeshellarg($timeout);
 if (!$showtext)
 $nc_args .= " -z ";
 if (!empty($srcport))
- $nc_args .= " -p {$srcport} ";
+ $nc_args .= " -p " . escapeshellarg($srcport) . " ";
 /* Attempt to determine the interface address, if possible. Else try both. */
 if (is_ipaddrv4($host)) {
|
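Review bot: The rewritten source-port check in the first hunk (`@@ -68,7 +68,7 @@`) now rejects an empty field, because `is_numeric('')` is false, while the error message on the next line still tells the user the field may be left blank. The hunk's context lines show no guard for the blank case; if none exists further up, the condition should read `if (!empty($_REQUEST['srcport']) && (!is_numeric($_REQUEST['srcport']) || !is_port($_REQUEST['srcport']))) {`. That also matches the `!empty($srcport)` test in the second hunk, which treats a blank value as "omit `-p`". The enclosing `if ($_POST || $_REQUEST['host'])` block starts and ends outside the hunk.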
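Review bot: The two `escapeshellarg()` calls in the second hunk (`@@ -189,11 +189,11 @@`) have no comment saying what they do and do not guarantee. Quoting keeps shell metacharacters in `$timeout` and `$srcport` from being interpreted, but it does not make either value numeric, and the hunk does not show where `$timeout` is validated. I would add a comment above `$nc_args`, for example `/* Quoting is defence in depth only; the numeric checks on timeout and srcport earlier in this file are the primary control. */`, so a later edit does not relax the validation on the assumption that escaping is enough. The rest of the command assembly is outside the hunk.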