Browse code
validate SRV record data field
Bernd Wurst authored on06/05/2020 18:44:00 Showing1 changed files
| ... | ... |
@@ -345,8 +345,15 @@ function save_dns_record($id, $record) |
| 345 | 345 |
if (! $record['data']) {
|
| 346 | 346 |
system_failure('SRV target missing');
|
| 347 | 347 |
} |
| 348 |
- list($hostname, $port) = explode(':', $record['data'], 2);
|
|
| 348 |
+ $data = explode(':', $record['data'], 2);
|
|
| 349 |
+ if (count($data) != 2) {
|
|
| 350 |
+ system_failure('Das eingegebene Ziel war nicht im Format hostname:port');
|
|
| 351 |
+ } |
|
| 352 |
+ list($hostname, $port) = $data; |
|
| 349 | 353 |
verify_input_hostname($hostname); |
| 354 |
+ if ($port != (int) $port || $port == 0) {
|
|
| 355 |
+ system_failure('Ungültige Portnummer');
|
|
| 356 |
+ } |
|
| 350 | 357 |
$record['ip'] = null; |
| 351 | 358 |
break; |
| 352 | 359 |
default: |