From bbd5c40d41f5463a001d6a5faec09530e6a9b5c1 Mon Sep 17 00:00:00 2001 From: Felix Fietkau Date: Thu, 29 Sep 2005 16:45:01 +0000 Subject: [PATCH] add more input validation SVN-Revision: 2006 --- .../webif/files/usr/lib/webif/validate.awk | 24 +++++++++++++++++-- .../www/cgi-bin/webif/wireless-config.sh | 24 ++++++++++++------- 2 files changed, 37 insertions(+), 11 deletions(-) diff --git a/openwrt/package/webif/files/usr/lib/webif/validate.awk b/openwrt/package/webif/files/usr/lib/webif/validate.awk index 5ba4f664b4..77d4ff695c 100644 --- a/openwrt/package/webif/files/usr/lib/webif/validate.awk +++ b/openwrt/package/webif/files/usr/lib/webif/validate.awk @@ -58,6 +58,18 @@ $1 == "hostname" { } } +$1 == "string" { + valid_type = 1 +} + +$1 == "mac" { + valid_type = 1 + if ((value != "") && (value !~ /^[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*$/)) { + valid = 0 + verr = "Invalid value" + } +} + valid_type != 1 { valid = 0 } valid == 1 { 
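Review bot: The new `mac` rule accepts octets of any length, because each group is written `[0-9a-fA-F][0-9a-fA-F]*` (one or more hex digits), so `1:2:3:4:5:6` and arbitrarily long hex runs pass validation. An octet is exactly two hex digits; dropping the `*` so that every group reads `[0-9a-fA-F][0-9a-fA-F]` bounds an accepted value at 17 characters. The list pattern shown as context in the last wireless-config.sh hunk uses `[0-9A-F][0-9A-F]:` (two digits, uppercase only), so a lowercase or odd-length entry accepted here may not be matched there; the two patterns should agree.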
@@ -65,17 +77,25 @@ valid == 1 { for (i = 1; (valid == 1) && (i <= n); i++) { if (options[i] == "required") { if (value == "") { valid = 0; verr = "No value entered" } - } else if (options[i] ~ /^min=/) { + } else if ((options[i] ~ /^min=/) && (value != "")) { if ($1 == "int") { min = options[i] sub(/^min=/, "", min) if (value < min) { valid = 0; verr = "Value too small" } + } else if ($1 == "string") { + min = options[i] + sub(/^min=/, "", min) + if (length(value) < min) { valid = 0; verr = "Value too small" } } - } else if (options[i] ~ /^max=/) { + } else if ((options[i] ~ /^max=/) && (value != "")) { if ($1 == "int") { max = options[i] sub(/^max=/, "", max) if (value > max) { valid = 0; verr = "Value too large" } + } else if ($1 == "string") { + max = options[i] + sub(/^max=/, "", max) + if (length(value) > max) { valid = 0; verr = "Value too large" } } } else if ((options[i] == "nodots") && ($1 == "hostname")) { if (value ~ /\./) { diff --git a/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh b/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh index 4eb498ea6e..0eb1e96252 100755 --- a/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh +++ b/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh @@ -3,6 +3,7 @@ . /usr/lib/webif/webif.sh load_settings "wireless" + WDS=${wl0_wds:-$(nvram get wl0_wds)} WDS="${WDS# }" [ -z "$FORM_wdsremove" ] || { 
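Review bot: In the new `string` branches of validate.awk, `length(value) < min` and `length(value) > max` compare a number with a variable that `sub()` has just rewritten, which awk may treat as a string. Under string comparison a length of 10 sorts before `8`, so the `min=8 max=63` bounds could be applied incorrectly or differently across awk implementations. Forcing numeric context removes the ambiguity: `if (length(value) < min + 0)` and `if (length(value) > max + 0)`. The existing `int` branches have the same shape and could use `value + 0 < min + 0`. The enclosing `valid == 1` rule starts before this hunk and continues past it.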
@@ -22,14 +23,16 @@ END { print "" }') save_setting wireless wl0_wds "$WDS" FORM_submit="" } -[ -z "$FORM_wdssubmit" ] || { - # FIXME: add input validation - WDS="$WDS $FORM_newmac" - WDS="${WDS# }" - save_setting wireless wl0_wds "$WDS" +[ \! -z "$FORM_wdssubmit" ] && { + validate "mac|FORM_newmac|WDS MAC address||$FORM_newmac" && { + WDS="$WDS $FORM_newmac" + WDS="${WDS# }" + save_setting wireless wl0_wds "$WDS" + } FORM_submit="" } if [ -z "$FORM_submit" ]; then + FORM_newmac=${FORM_newmac:-00:00:00:00:00:00} FORM_mode=${wl0_mode:-$(nvram get wl0_mode)} FORM_ssid=${wl0_ssid:-$(nvram get wl0_ssid)} FORM_encryption=off @@ -96,13 +99,16 @@ if [ -z "$FORM_submit" ]; then FORM_key=${key:-1} else SAVED=1 - [ "$FORM_encryption" = "wpa" ] && VALIDATE_RADIUS="required" + [ "$FORM_encryption" = "wpa" ] && V_RADIUS="required" + [ "$FORM_encryption" = "psk" ] && V_PSK="required" validate " -ip|FORM_radius_ipaddr|RADIUS IP address|$VALIDATE_RADIUS|$FORM_radius_ipaddr +ip|FORM_radius_ipaddr|RADIUS IP address|$V_RADIUS|$FORM_radius_ipaddr wep|FORM_key1|WEP key 1||$FORM_key1 wep|FORM_key2|WEP key 2||$FORM_key2 wep|FORM_key3|WEP key 3||$FORM_key3 -wep|FORM_key4|WEP key 4||$FORM_key4" && { +wep|FORM_key4|WEP key 4||$FORM_key4 +string|FORM_wpa_psk|WPA pre-shared key|min=8 max=63 $V_PSK|$FORM_wpa_psk +string|FORM_radius_key|RADIUS server key|min=4 max=63 $V_RADIUS|$FORM_radius_key" && { save_setting wireless wl0_mode "$FORM_mode" save_setting wireless wl0_ssid "$FORM_ssid" case "$FORM_aes$FORM_tkip" in @@ -238,7 +244,7 @@ $0 ~ /^[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A ' ?> - + -- 2.30.2
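Review bot: In the `FORM_wdssubmit` block the spec `mac|FORM_newmac|WDS MAC address||$FORM_newmac` has an empty options field, and the `mac` rule in validate.awk only rejects non-empty values, so an empty `FORM_newmac` validates. The block then runs `WDS="$WDS $FORM_newmac"` and saves `wl0_wds` with a trailing space and no new entry. Adding the existing `required` option closes this: `validate "mac|FORM_newmac|WDS MAC address|required|$FORM_newmac" && {`. The block also does not check whether the address is already in `$WDS`, so the same peer can be appended repeatedly.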
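Review bot: Both `validate` calls put raw form values into a spec whose fields are separated by `|` and whose records are separated by newlines, and the new `string` type used for `FORM_wpa_psk` and `FORM_radius_key` checks only length. If validate.awk splits on those characters (its parsing is outside this diff), a value containing `|` or a newline would be checked in truncated form or read as an extra record, while the script goes on using the full value. The same applies to `$FORM_newmac` in the previous hunk, where the mac pattern would see only the part before `|` but `WDS="$WDS $FORM_newmac"` appends everything. It is worth confirming how `value` is taken from the record, rejecting `|` before the call, and adding `if (value ~ /[[:cntrl:]]/) { valid = 0; verr = "Invalid value" }` to the `string` rule. Separately, `V_RADIUS` and `V_PSK` are only ever assigned conditionally; setting `V_RADIUS=""` and `V_PSK=""` first keeps an inherited value from changing the spec.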