Input validation and encoding of IGMP proxy addresses. Issue #9294

(cherry picked from commit 261916e5d3f833a58d5cef1afdadc7495ec2c74b)

2 files changed, 9 insertions, 4 deletions

diff --git a/src/usr/local/www/services_igmpproxy.php b/src/usr/local/www/services_igmpproxy.php
index 0271436..cd73c9c 100644
--- a/src/usr/local/www/services_igmpproxy.php
+++ b/src/usr/local/www/services_igmpproxy.php
@@ -135,7 +135,7 @@ foreach ($a_igmpproxy as $igmpentry):
 							<td>
 <?php
 	$addresses = implode(", ", array_slice(explode(" ", $igmpentry['address']), 0, 10));
-	print($addresses);
+	print(htmlspecialchars($addresses));
 
 	if (!is_array($igmpentry['address']) || count($igmpentry['address']) < 10) {
 		print(' ');
diff --git a/src/usr/local/www/services_igmpproxy_edit.php b/src/usr/local/www/services_igmpproxy_edit.php
index 943c0b1..251de01 100644
--- a/src/usr/local/www/services_igmpproxy_edit.php
+++ b/src/usr/local/www/services_igmpproxy_edit.php
@@ -83,9 +83,14 @@ if ($_POST['save']) {
 			$address .= " ";
 		}
 
-		$address .= $_POST["address{$x}"];
-		$address .= "/" . $_POST["address_subnet{$x}"];
-		$isfirst++;
+		$this_addr =  $_POST["address{$x}"] . "/" . $_POST["address_subnet{$x}"];
+		if (is_subnet($this_addr)) {
+			$address .= $this_addr;
+			$isfirst++;
+		} else {
+			$input_errors[] = sprintf(gettext("The following submitted address is invalid: %s"), $this_addr);
+		}
+
 		$x++;
 	}