Bug #2494
closed
diag_packet_capture.php needs input validation
100%
Description
diag_packet_capture.php does minimal if any input validation. Every field on that page needs to be verified.
Interface: Valid interface is submitted
Address family: valid address family submitted
Host address: Valid IP address or CIDR subnet
Port: 1-65535
Packet length: positive integer
Count: positive integer
Level of detail: one of the options in the drop down
Updated by Jim Pingle over 12 years ago
Some of this is already done but doesn't actually report an error to the user, it simply leaves the invalid parameters out of the tcpdump command.
Might need to rework the page a bit to properly produce errors for invalid input.
Updated by Darren Embry over 12 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
fixed in github.
not quite sure that dropdowns need additional validation because you can't select an option that isn't in the dropdown ;-) and 'any' is a valid option for some of them.
Updated by Darren Embry over 12 years ago
- Status changed from Resolved to Assigned
Updated by Darren Embry over 12 years ago
- Status changed from Assigned to Feedback
- % Done changed from 90 to 100
Applied in changeset 622caf8fee84e0744da2b4cd9ea5d1fc4c499388.
Updated by Jim Pingle over 12 years ago
- Status changed from Feedback to Resolved