diff options
author | Seth Mos <seth.mos@dds.nl> | 2011-08-24 11:36:06 +0200 |
---|---|---|
committer | Seth Mos <seth.mos@dds.nl> | 2011-08-24 11:36:06 +0200 |
commit | 1831a00d46d0cf42f60e1780fc0b147d147c486a (patch) | |
tree | ab157374f820d3d89d3310d37cb19464bdb2893c /usr/local | |
parent | c935003d50babb33e2c0e0771c0ee8a3503975b9 (diff) | |
download | pfsense-1831a00d46d0cf42f60e1780fc0b147d147c486a.zip pfsense-1831a00d46d0cf42f60e1780fc0b147d147c486a.tar.gz |
Add Address Family input validation on the system routes edit page. Do not allow IPv4 subnet masks > 32 bits.
Ticket #1661
Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/www/system_routes_edit.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/usr/local/www/system_routes_edit.php b/usr/local/www/system_routes_edit.php index 5847011..29be3c4 100755 --- a/usr/local/www/system_routes_edit.php +++ b/usr/local/www/system_routes_edit.php @@ -101,6 +101,8 @@ if ($_POST) { if ($_POST['gateway']) { if (!isset($a_gateways[$_POST['gateway']])) $input_errors[] = gettext("A valid gateway must be specified."); + if(!validate_address_family($_POST['network'], lookup_gateway_ip_by_name($_POST['gateway']))) + $input_errors[] = gettext("The gateway '{$a_gateways[$_POST['gateway']]['gateway']}' is a different Address Family as network '{$_POST['network']}'."); } /* check for overlaps */ @@ -108,7 +110,10 @@ if ($_POST) { $osn = Net_IPv6::compress(gen_subnetv6($_POST['network'], $_POST['network_subnet'])) . "/" . $_POST['network_subnet']; } if(is_ipaddrv4($_POST['network'])) { - $osn = gen_subnet($_POST['network'], $_POST['network_subnet']) . "/" . $_POST['network_subnet']; + if($_POST['network_subnet'] > 32) + $input_errors[] = gettext("A IPv4 subnet can not be over 32 bits."); + else + $osn = gen_subnet($_POST['network'], $_POST['network_subnet']) . "/" . $_POST['network_subnet']; } foreach ($a_routes as $route) { if (isset($id) && ($a_routes[$id]) && ($a_routes[$id] === $route)) |