Project

General

Profile

Actions

Regression #12245

closed

Input validation error in system.php

Added by Steve Wheeler 4 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
22.01
Release Notes:
Force Exclusion
Affected Version:
2.6.0
Affected Architecture:
All

Description

The input validation in system.php incorrectly prevents numeric hostnames in 2.6 and 21.09. For example '3100' or '2600'.

This is a regression since 2.5.2 / 21.05

Tested:

21.09-DEVELOPMENT (amd64)
built on Wed Aug 11 01:17:52 EDT 2021
FreeBSD 12.2-STABLE

2.6.0-DEVELOPMENT (amd64)
built on Wed Aug 11 01:15:06 EDT 2021
FreeBSD 12.2-STABLE


Files


Related issues

Related to Bug #12000: Remote log server input validation allows invalid valuesResolvedViktor Gurov06/06/2021

Actions
Actions #1

Updated by Viktor Gurov 4 months ago

related to #12000

Actions #2

Updated by Renato Botelho 4 months ago

  • Assignee set to Viktor Gurov
Actions #3

Updated by Jim Pingle 4 months ago

  • Related to Bug #12000: Remote log server input validation allows invalid values added
Actions #5

Updated by Jim Pingle 4 months ago

  • Status changed from New to Pull Request Review
Actions #6

Updated by Viktor Gurov 4 months ago

  • Status changed from Pull Request Review to Feedback

Merged

Actions #7

Updated by Steve Wheeler 4 months ago

This looks good now with that patch. I am able to use numeric hosts names. It still rejects invalid hosts that include the domain name etc.

Waiting to test the new snapshot after the merge.

Actions #8

Updated by Steve Wheeler 4 months ago

  • Status changed from Feedback to Resolved

This is now fixed in snapshots.

Tested:

2.6.0-DEVELOPMENT (amd64)
built on Wed Aug 18 01:08:59 EDT 2021
FreeBSD 12.2-STABLE

21.09-DEVELOPMENT (arm)
built on Wed Aug 18 01:11:54 EDT 2021
FreeBSD 12.2-STABLE

Actions #9

Updated by Jim Pingle 3 months ago

  • Release Notes changed from Default to Force Exclusion

Was a regression introduced after the last release and was never in a release, thus excluding from release notes.

Actions #10

Updated by Jim Pingle about 1 month ago

  • Plus Target Version changed from 21.09 to 22.01
Actions

Also available in: Atom PDF