diff mbox series

fwhosts.cgi: Fixes bug#13206 - no validation of location group name

Message ID 20230802200955.4802-1-adolf.belka@ipfire.org
State Staged
Commit d4c30a95e7ced6be67d573f3c9938400eef49c2c
Headers
Series fwhosts.cgi: Fixes bug#13206 - no validation of location group name |

Commit Message

Adolf Belka Aug. 2, 2023, 8:09 p.m. UTC 
  - Added validation code for the location group name. This is only validated when edited
   and not when created.
- The code was copied from the section for creating the Services Group Name or the
   Network/Host Group Name.

Fixes: Bug#13206
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 html/cgi-bin/fwhosts.cgi | 3 +++
 1 file changed, 3 insertions(+)

Comments

Stefan Schantl Aug. 3, 2023, 6:33 a.m. UTC | #1 
Great patch.

Reviewed-by: Stefan Schantl <stefan.schantl@ipfire.org>
Am 2. August 2023 22:10:11 schrieb Adolf Belka <adolf.belka@ipfire.org>:

> - Added validation code for the location group name. This is only validated 
> when edited
>   and not when created.
> - The code was copied from the section for creating the Services Group Name 
> or the
>   Network/Host Group Name.
>
> Fixes: Bug#13206
> Tested-by: Adolf Belka <adolf.belka@ipfire.org>
> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
> ---
> html/cgi-bin/fwhosts.cgi | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
> index baf745a0a..d6be6c40e 100644
> --- a/html/cgi-bin/fwhosts.cgi
> +++ b/html/cgi-bin/fwhosts.cgi
> @@ -693,6 +693,9 @@ if ($fwhostsettings{'ACTION'} eq 'savelocationgrp')
> 	&General::readhasharray("$fwconfiginp", \%fwinp);
> 	&General::readhasharray("$fwconfigout", \%fwout);
>
> +	# Check name
> +	if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
> +
> 	# Check for existing group name.
> 	if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){
> 		$errormessage = $Lang::tr{'fwhost err grpexist'};
> --
> 2.41.0
diff mbox series

Patch

diff --git a/html/cgi-bin/fwhosts.cgi b/html/cgi-bin/fwhosts.cgi
index baf745a0a..d6be6c40e 100644
--- a/html/cgi-bin/fwhosts.cgi
+++ b/html/cgi-bin/fwhosts.cgi
@@ -693,6 +693,9 @@  if ($fwhostsettings{'ACTION'} eq 'savelocationgrp')
 	&General::readhasharray("$fwconfiginp", \%fwinp);
 	&General::readhasharray("$fwconfigout", \%fwout);
 
+	# Check name
+	if (!&validhostname($grp)){$errormessage.=$Lang::tr{'fwhost err name'};}
+
 	# Check for existing group name.
 	if (!&checkgroup($grp) && $fwhostsettings{'update'} ne 'on'){
 		$errormessage = $Lang::tr{'fwhost err grpexist'};