diff options
author | Evgeny Yurchenko <ey@tm-k.com> | 2011-07-07 20:46:21 -0400 |
---|---|---|
committer | Evgeny Yurchenko <ey@tm-k.com> | 2011-07-07 20:46:21 -0400 |
commit | 5909b520a76b5440e306c9aaef32e4f99fffb2b7 (patch) | |
tree | 54a21b0fb4a175ff8b1f30deb097217259ebefca /usr/local | |
parent | 9bc59815c6eba7051a401404d4d0b0c7842a9d2f (diff) | |
download | pfsense-5909b520a76b5440e306c9aaef32e4f99fffb2b7.zip pfsense-5909b520a76b5440e306c9aaef32e4f99fffb2b7.tar.gz |
Bug #1639. Port alias missing input validation in firewall_rules_edit.php.
Diffstat (limited to 'usr/local')
-rwxr-xr-x | usr/local/www/firewall_rules_edit.php | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/usr/local/www/firewall_rules_edit.php b/usr/local/www/firewall_rules_edit.php index 97493bf..a100065 100755 --- a/usr/local/www/firewall_rules_edit.php +++ b/usr/local/www/firewall_rules_edit.php @@ -302,6 +302,26 @@ if ($_POST) { $input_errors[] = sprintf(gettext("%s is not a valid start destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstbeginport']); if ($_POST['dstendport'] && !is_portoralias($_POST['dstendport'])) $input_errors[] = sprintf(gettext("%s is not a valid end destination port. It must be a port alias or integer between 1 and 65535."),$_POST['dstendport']); + if ( !$_POST['srcbeginport_cust'] && $_POST['srcendport_cust']) + if (is_alias($_POST['srcendport_cust'])) + $input_errors[] = 'If you put port alias in Source port range to: field you must put the same port alias in from: field'; + if ( $_POST['srcbeginport_cust'] && $_POST['srcendport_cust']){ + if (is_alias($_POST['srcendport_cust']) && is_alias($_POST['srcendport_cust']) && $_POST['srcbeginport_cust'] != $_POST['srcendport_cust']) + $input_errors[] = 'The same port alias must be used in Source port range from: and to: fields'; + if ((is_alias($_POST['srcbeginport_cust']) && (!is_alias($_POST['srcendport_cust']) && $_POST['srcendport_cust']!='')) || + ((!is_alias($_POST['srcbeginport_cust']) && $_POST['srcbeginport_cust']!='') && is_alias($_POST['srcendport_cust']))) + $input_errors[] = 'You cannot specify numbers and port aliases at the same time in Source port range from: and to: field'; + } + if ( !$_POST['dstbeginport_cust'] && $_POST['dstendport_cust']) + if (is_alias($_POST['dstendport_cust'])) + $input_errors[] = 'If you put port alias in Destination port range to: field you must put the same port alias in from: field'; + if ( $_POST['dstbeginport_cust'] && $_POST['dstendport_cust']){ + if (is_alias($_POST['dstendport_cust']) && is_alias($_POST['dstendport_cust']) && $_POST['dstbeginport_cust'] != $_POST['dstendport_cust']) + $input_errors[] = 'The same port alias must be used in Destination port range from: and to: fields'; + if ((is_alias($_POST['dstbeginport_cust']) && (!is_alias($_POST['dstendport_cust']) && $_POST['dstendport_cust']!='')) || + ((!is_alias($_POST['dstbeginport_cust']) && $_POST['dstbeginport_cust']!='') && is_alias($_POST['dstendport_cust']))) + $input_errors[] = 'You cannot specify numbers and port aliases at the same time in Destination port range from: and to: field'; + } /* if user enters an alias and selects "network" then disallow. */ if($_POST['srctype'] == "network") { |