From e7940d2e0af509473ad7ced0fee15c828965123b Mon Sep 17 00:00:00 2001
From: Phil Davis <phil.davis@inf.org>
Date: Fri, 1 Jan 2016 14:48:44 +0545
Subject: Fix redmine #5722 DHCP validation for master

---
 src/usr/local/www/services_dhcp.php | 26 ++++++++++++--------------
 1 file changed, 12 insertions(+), 14 deletions(-)

(limited to 'src/usr')

diff --git a/src/usr/local/www/services_dhcp.php b/src/usr/local/www/services_dhcp.php
index a30a488..da24b93 100644
--- a/src/usr/local/www/services_dhcp.php
+++ b/src/usr/local/www/services_dhcp.php
@@ -136,6 +136,12 @@ if (is_array($config['dhcpd'][$if])) {
 	} else {
 		$dhcpdconf = &$config['dhcpd'][$if];
 	}
+
+	if (!is_array($config['dhcpd'][$if]['staticmap'])) {
+		$dhcpdconf['staticmap'] = array();
+	}
+
+	$a_maps = &$config['dhcpd'][$if]['staticmap'];
 }
 if (is_array($dhcpdconf)) {
 	// Global Options
@@ -156,12 +162,6 @@ if (is_array($dhcpdconf)) {
 		}
 
 		$pconfig['dhcpleaseinlocaltime'] = $dhcpleaseinlocaltime;
-
-		if (!is_array($dhcpdconf['staticmap'])) {
-			$dhcpdconf['staticmap'] = array();
-		}
-
-		$a_maps = &$dhcpdconf['staticmap'];
 	} else {
 		// Options that exist only in pools
 		$pconfig['descr'] = $dhcpdconf['descr'];
@@ -412,10 +412,8 @@ if (isset($_POST['submit'])) {
 			}
 
 			if (is_numeric($pool) || ($act == "newpool")) {
-				$rfrom = $config['dhcpd'][$if]['range']['from'];
-				$rto = $config['dhcpd'][$if]['range']['to'];
-
-				if (is_inrange_v4($_POST['range_from'], $rfrom, $rto) || is_inrange_v4($_POST['range_to'], $rfrom, $rto)) {
+				if (!((ip2ulong($_POST['range_from']) > ip2ulong($config['dhcpd'][$if]['range']['to'])) ||
+				      (ip2ulong($_POST['range_to']) < ip2ulong($config['dhcpd'][$if]['range']['from'])))) {
 					$input_errors[] = gettext("The specified range must not be within the DHCP range for this interface.");
 				}
 			}
@@ -425,8 +423,8 @@ if (isset($_POST['submit'])) {
 					continue;
 				}
 
-				if (is_inrange_v4($_POST['range_from'], $p['range']['from'], $p['range']['to']) ||
-				    is_inrange_v4($_POST['range_to'], $p['range']['from'], $p['range']['to'])) {
+				if (!((ip2ulong($_POST['range_from']) > ip2ulong($p['range']['to'])) ||
+				      (ip2ulong($_POST['range_to']) < ip2ulong($p['range']['from'])))) {
 					$input_errors[] = gettext("The specified range must not be within the range configured on a DHCP pool for this interface.");
 					break;
 				}
@@ -444,8 +442,8 @@ if (isset($_POST['submit'])) {
 					if (empty($map['ipaddr'])) {
 						continue;
 					}
-					if ((ip2ulong($map['ipaddr']) > $dynsubnet_start) &&
-					    (ip2ulong($map['ipaddr']) < $dynsubnet_end)) {
+					if ((ip2ulong($map['ipaddr']) >= $dynsubnet_start) &&
+					    (ip2ulong($map['ipaddr']) <= $dynsubnet_end)) {
 						$input_errors[] = sprintf(gettext("The DHCP range cannot overlap any static DHCP mappings."));
 						break;
 					}
-- 
cgit v1.1