/ - Diff - pfSense - pfSense bugtracker

« Previous | Next »

Revision 28e2b611

Cast to string before ctype_digit() testing. Fixes #14702

     	$selector = '--';
     	$selector .= ($type == 'ike') ? 'ike' : 'child';
     	if (ctype_digit($uniqueid) && ($uniqueid > 0)) {
     	if (ctype_digit(strval($uniqueid)) && ($uniqueid > 0)) {
     		$selector .= '-id';
     		$term = $uniqueid;
     	} else {

     /* validate non-negative numeric string, or equivalent numeric variable */
     function is_numericint($arg) {
     	return (((is_int($arg) && $arg >= 0) || (is_string($arg) && strlen($arg) > 0 && ctype_digit($arg))) ? true : false);
     	return (((is_int($arg) && $arg >= 0) || (is_string($arg) && strlen($arg) > 0 && ctype_digit(strval($arg)))) ? true : false);
+    }
     /* Generate the (human readable) ipv4 or ipv6 subnet address (i.e., netmask, or subnet start IP)
-...
     		return false;
+    	}
     	if (!ctype_digit($values[0]) || !ctype_digit($values[1])) {
     	if (!ctype_digit(strval($values[0])) || !ctype_digit(strval($values[1]))) {
     		return false;
+    	}
-...
     /* returns true if $port is a valid TCP/UDP/SCTP port */
     function is_port($port) {
     	if (ctype_digit($port) && ((intval($port) >= 1) && (intval($port) <= 65535))) {
     	if (ctype_digit(strval($port)) && ((intval($port) >= 1) && (intval($port) <= 65535))) {
     		return true;
+    	}
     	if (getservbyname($port, "tcp") || getservbyname($port, "udp") || getservbyname($port, "sctp")) {

     							$string_part = 'proto ospf';
     							break;
     						default:
     							if (ctype_digit($value) && ($value >= 0 && $value <= 255)) {
     							if (ctype_digit(strval($value)) && ($value >= 0 && $value <= 255)) {
     								$string_part = "proto {$value}";
     							} else {
     								$input_error = "Invalid protocol: {$value}";

src/usr/local/pfSense/include/www/services_dnsmasq.inc
316	316	$entry = substr($key, 16);
317	317	$field = 'description';
318	318	}
319		if (ctype_digit($entry)) {
	319	if (ctype_digit(strval($entry))) {
320	320	$aliases[$entry][$field] = $value;
321	321	}
322	322	}

     	$numberoptions = array();
     	for ($x = 0; $x < 99; $x++) {
     		if (isset($_POST["number{$x}"]) && ctype_digit($_POST["number{$x}"])) {
     		if (isset($_POST["number{$x}"]) && ctype_digit(strval($_POST["number{$x}"]))) {
     			if ($_POST["number{$x}"] < 1 || $_POST["number{$x}"] > 254) {
     				$input_errors[] = gettext("The DHCP option must be a number between 1 and 254.");
     				continue;

     	$numberoptions = array();
     	for ($x = 0; $x < 99; $x++) {
     		if (isset($_POST["number{$x}"]) && ctype_digit($_POST["number{$x}"])) {
     		if (isset($_POST["number{$x}"]) && ctype_digit(strval($_POST["number{$x}"]))) {
     			if ($_POST["number{$x}"] < 1 || $_POST["number{$x}"] > 254) {
     				$input_errors[] = gettext("The DHCP option must be a number between 1 and 254.");
     				continue;

     	$numberoptions = array();
     	for ($x = 0; $x < 99; $x++) {
     		if (isset($_POST["number{$x}"]) && ctype_digit($_POST["number{$x}"])) {
     		if (isset($_POST["number{$x}"]) && ctype_digit(strval($_POST["number{$x}"]))) {
     			$numbervalue = array();
     			$numbervalue['number'] = htmlspecialchars($_POST["number{$x}"]);
     			$numbervalue['value'] = base64_encode($_POST["value{$x}"]);

src/usr/local/www/services_unbound_host_edit.php
109	109	$entry = substr($key, 16);
110	110	$field = 'description';
111	111	}
112		if (ctype_digit($entry)) {
	112	if (ctype_digit(strval($entry))) {
113	113	array_set_path($aliases, "{$entry}/{$field}", $value);
114	114	}
115	115	}

src/usr/local/www/system_certmanager.php
329	329	$field = 'value';
330	330	}
331	331
332		if (ctype_digit($entry)) {
	332	if (ctype_digit(strval($entry))) {
333	333	$entry++; // Pre-bootstrap code is one-indexed, but the bootstrap code is 0-indexed
334	334	$altnames[$entry][$field] = $value;
335	335	}

Also available in: Unified diff