authorjim-p <jimp@pfsense.org>2014-08-04 15:23:51 -0400
committerjim-p <jimp@pfsense.org>2014-08-04 15:23:51 -0400
commit46d3f6a6362e15e188b77d9992f59a9ff3afe781 (patch)
tree27ca4e4c15d411111c7422d88b9fad95d3c3c1e9 /usr/local/www/diag_testport.php
parentaeb44799f3693c198c48926c85b4468a6dccb9f9 (diff)
Fix input validation logic on diag_testport.php, escape more shell arguments for good measure
Diffstat (limited to 'usr/local/www/diag_testport.php')
-rw-r--r--usr/local/www/diag_testport.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/usr/local/www/diag_testport.php b/usr/local/www/diag_testport.php
index bfc0a59..b04a9d7 100644
--- a/usr/local/www/diag_testport.php
+++ b/usr/local/www/diag_testport.php
@@ -68,7 +68,7 @@ if ($_POST || $_REQUEST['host']) {
$input_errors[] = gettext("Please enter a valid port number.");
}
- if (is_numeric($_REQUEST['srcport']) && !is_port($_REQUEST['srcport'])) {
+ if (!is_numeric($_REQUEST['srcport']) || !is_port($_REQUEST['srcport'])) {
$input_errors[] = gettext("Please enter a valid source port number, or leave the field blank.");
}
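Review bot: With the condition on the added line, an empty source port is now rejected: `is_numeric('')` is false, so the first operand of `||` is true, yet the error message on the next line still tells the user the field may be left blank. Checking for presence first keeps the stricter validation for supplied values: `if (!empty($_REQUEST['srcport']) && (!is_numeric($_REQUEST['srcport']) || !is_port($_REQUEST['srcport']))) {`. The enclosing `if ($_POST || $_REQUEST['host'])` block starts and ends outside this hunk, so whether a blank value is normalised earlier cannot be confirmed from here.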
@@ -198,11 +198,11 @@ include("head.inc"); ?>
echo "<textarea id=\"testportCaptured\" style=\"width:98%\" name=\"code\" rows=\"15\" cols=\"66\" readonly=\"readonly\">";
$result = "";
$nc_base_cmd = "/usr/bin/nc";
- $nc_args = "-w {$timeout}";
+ $nc_args = "-w " . escapeshellarg($timeout);
if (!$showtext)
$nc_args .= " -z ";
if (!empty($srcport))
- $nc_args .= " -p {$srcport} ";
+ $nc_args .= " -p " . escapeshellarg($srcport) . " ";
/* Attempt to determine the interface address, if possible. Else try both. */
if (is_ipaddrv4($host)) {
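Review bot: Only `$timeout` and `$srcport` are quoted in this hunk, while `$host` (tested by `is_ipaddrv4($host)` on the last visible line) and presumably the destination port are appended to the `/usr/bin/nc` command line further down, outside the hunk; they should go through `escapeshellarg()` too if they do not already. Quoting neutralises shell metacharacters but does not make a value a valid number, so the command should be built only when `$input_errors` is empty; that gate is not visible here. A short comment above `$nc_args` would record the intent, e.g. `/* Inputs are validated above; escapeshellarg() is defense in depth. */`.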
OpenPOWER on IntegriCloud