diag_packet_capture.php needs input validation
|Assignee:||Darren Embry||% Done:||
|Affected version:||All||Affected Architecture:|
diag_packet_capture.php does minimal if any input validation. Every field on that page needs to be verified.
Interface: Valid interface is submitted
Address family: valid address family submitted
Host address: Valid IP address or CIDR subnet
Packet length: positive integer
Count: positive integer
Level of detail: one of the options in the drop down
Some of this is already done but doesn't actually report an error to the user, it simply leaves the invalid parameters out of the tcpdump command.
Might need to rework the page a bit to properly produce errors for invalid input.
#2 Updated by Darren Embry 11 months ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
fixed in github.
not quite sure that dropdowns need additional validation because you can't select an option that isn't in the dropdown ;-) and 'any' is a valid option for some of them.
#5 Updated by Darren Embry 11 months ago
- Status changed from Assigned to Feedback
- % Done changed from 90 to 100
Applied in changeset 622caf8fee84e0744da2b4cd9ea5d1fc4c499388.