Project

General

Profile

Actions
Copy link

Bug #7163

closed

IGMP Proxy does not valid inputs

Added by Phillip Davis almost 8 years ago. Updated over 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Renato Botelho
Category:
IGMP Proxy
Target version:
2.5.0
Start date:
01/25/2017
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:

Description

IGMP Proxy Edit

Threshold: no validation is done, I can put "abc" "-42"... - I think it must be a positive integer, 1 to some max like 255.

Networks: no validation is done, I can put "w.x.y.z" - IPv4 networks should be allowed, I don;t think IPv6 addresses should be allowed.
The Networks field has setPattern('[a-zA-Z0-9_.:]+') - why is that? Are host/domain names somehow possible here?

Actions
Copy link
 #1

Updated by Phillip Davis almost 8 years ago

If someone confirms what the validation requirements are, I can make it so.

Actions
Copy link
 #2

Updated by Jim Thompson almost 8 years ago

  • Assignee set to Jim Pingle
Actions
Copy link
 #3

Updated by Jim Pingle almost 8 years ago

  • Assignee changed from Jim Pingle to Phillip Davis

In the config for igmpproxy, Network populates altnet and has to be in subnet format. Since the GUI has a drop-down for the CIDR/Prefix, that means Networks should validate an IP address only. As far as I can tell it can't use hostnames or aliases. The GUI code reassembles the value into subnet style before storing it in a space-separated list. So it should be tested before it gets that far.

"threshold" has no limits in the igmpproxy source or documentation but given that it is compared to a TTL, I'd say it should be limited to nearly the same range as a TTL, allowing for it to be set lower or higher than the possible values for a TTL.

Packets with a lower TTL than the threshol[d] value will be ignored. This setting is optional, and by default the threshold is 1.

Given that, perhaps -1-256 could be the allowed range. -1 would ignore nothing, 256 would ignore everything (which doesn't seem to make sense, but...)

Feel free to take a shot at the validation, Phil. If you don't have time right now then I can do it.

Actions
Copy link
 #4

Updated by Viktor Gurov almost 5 years ago

Actions
Copy link
 #5

Updated by Jim Pingle almost 5 years ago

  • Status changed from New to Pull Request Review
  • Target version set to 2.5.0
Actions
Copy link
 #6

Updated by Renato Botelho almost 5 years ago

  • Status changed from Pull Request Review to Feedback
  • Assignee changed from Phillip Davis to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions
Copy link
 #7

Updated by Viktor Gurov over 4 years ago

  • Status changed from Feedback to Resolved

works as expected on 2.5.0.a.20200220.1948

Actions
Copy link

Also available in: Atom PDF