From 0548783251c1e98d6e9d93c75fcb967ef63c4904 Mon Sep 17 00:00:00 2001
From: Chris Buechler <cmb@pfsense.org>
Date: Thu, 17 Dec 2015 22:14:39 -0600
Subject: Add range validation to CP IP passthrough. Ticket #5655

---
 usr/local/www/services_captiveportal_ip_edit.php | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'usr/local/www/services_captiveportal_ip_edit.php')

diff --git a/usr/local/www/services_captiveportal_ip_edit.php b/usr/local/www/services_captiveportal_ip_edit.php
index 4ad066a..7d5becb 100644
--- a/usr/local/www/services_captiveportal_ip_edit.php
+++ b/usr/local/www/services_captiveportal_ip_edit.php
@@ -108,11 +108,18 @@ if ($_POST) {
 	if ($_POST['sn'] && (!is_numeric($_POST['sn']) || ($_POST['sn'] < 1) || ($_POST['sn'] > 32)))
 		$input_errors[] = gettext("A valid subnet mask must be specified");
 	
-	if ($_POST['bw_up'] && !is_numeric($_POST['bw_up']))
+	if ($_POST['bw_up'] && !is_numeric($_POST['bw_up'])) {
 		$input_errors[] = gettext("Upload speed needs to be an integer");
-
-	if ($_POST['bw_down'] && !is_numeric($_POST['bw_down']))
+	}
+	if ($_POST['bw_up'] && ($_POST['bw_up'] > 999999 || $_POST['bw_up'] < 1)) {
+		$input_errors[] = gettext("Upload speed must be between 1 and 999999");
+	}
+	if ($_POST['bw_down'] && !is_numeric($_POST['bw_down'])) {
 		$input_errors[] = gettext("Download speed needs to be an integer");
+	}
+	if ($_POST['bw_down'] && ($_POST['bw_down'] > 999999 || $_POST['bw_down'] < 1)) {
+		$input_errors[] = gettext("Download speed must be between 1 and 999999");
+	}
 
 	foreach ($a_allowedips as $ipent) {
 		if (isset($id) && ($a_allowedips[$id]) && ($a_allowedips[$id] === $ipent))
-- 
cgit v1.1