Project

General

Profile

Actions

Bug #2494

closed

diag_packet_capture.php needs input validation

Added by Chris Buechler over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Web Interface
Target version:
Start date:
06/12/2012
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:

Description

diag_packet_capture.php does minimal if any input validation. Every field on that page needs to be verified.
Interface: Valid interface is submitted
Address family: valid address family submitted
Host address: Valid IP address or CIDR subnet
Port: 1-65535
Packet length: positive integer
Count: positive integer
Level of detail: one of the options in the drop down

Actions #1

Updated by Jim Pingle over 9 years ago

Some of this is already done but doesn't actually report an error to the user, it simply leaves the invalid parameters out of the tcpdump command.

Might need to rework the page a bit to properly produce errors for invalid input.

Actions #2

Updated by Darren Embry over 9 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

fixed in github.

not quite sure that dropdowns need additional validation because you can't select an option that isn't in the dropdown ;-) and 'any' is a valid option for some of them.

Actions #3

Updated by Darren Embry over 9 years ago

  • Status changed from Resolved to Assigned
Actions #4

Updated by Darren Embry over 9 years ago

  • % Done changed from 100 to 90
Actions #5

Updated by Darren Embry over 9 years ago

  • Status changed from Assigned to Feedback
  • % Done changed from 90 to 100
Actions #6

Updated by Jim Pingle over 9 years ago

  • Status changed from Feedback to Resolved
Actions

Also available in: Atom PDF