Skip to content

Commit

Permalink
Pcap: Validate+Encode count & length. Fixes #14809
Browse files Browse the repository at this point in the history
  • Loading branch information
@jim-p
jim-p committed Sep 25, 2023
1 parent c81ecaf commit f72618c
Showing 1 changed file with 14 additions and 4 deletions.
18 changes: 14 additions & 4 deletions src/usr/local/www/diag_packet_capture.php
View file
Expand Up @@ -119,10 +119,20 @@
$input_filter = ($_POST['filter'] !== null) ? intval($_POST['filter']) : null;
if ($_POST['count'] == '0') {
$input_count = 0;
} elseif (empty($_POST['count'])) {
$input_count = 1000;
} elseif (!is_numericint($_POST['count'])) {
$input_error[] = 'Invalid Packet Count.';
} else {
$input_count = empty($_POST['count']) ? 1000 : $_POST['count'];
$input_count = intval($_POST['count']);
}
if (empty($_POST['length'])) {
$input_length = 0;
} elseif (!is_numericint($_POST['length'])) {
$input_error[] = 'Invalid Packet Length.';
} else {
$input_length = intval($_POST['length']);
}
$input_length = empty($_POST['length']) ? 0 : $_POST['length'];
$input_promiscuous = empty($_POST['promiscuous']) ? false : $_POST['promiscuous'];
// view options
$input_viewdetail = empty($_POST['viewdetail']) ? 'normal' : $_POST['viewdetail'];
Expand Down Expand Up @@ -759,8 +769,8 @@

// Handle capture options
$cmd_part_promiscuous = $input_promiscuous ? '' : ' -p';
$cmd_part_count = empty($input_count) ? '' : " -c {$input_count}";
$cmd_part_length = empty($input_length) ? '' : " -s {$input_length}";
$cmd_part_count = empty($input_count) ? '' : " -c " . escapeshellarg($input_count);
$cmd_part_length = empty($input_length) ? '' : " -s " . escapeshellarg($input_length);
$cmd_expression_string = $expression_string ? escapeshellarg($expression_string) : '';

/* Output in binary format (use packet-buffered to avoid missing packets) to stdout,
Expand Down

0 comments on commit f72618c

Please sign in to comment.