validate SRV record data field (0bdccdd) - webinterface.git

@@ -345,8 +345,15 @@ function save_dns_record($id, $record)
       if (! $record['data']) {
           system_failure('SRV target missing');
       }
-      list($hostname, $port) = explode(':', $record['data'], 2);
+      $data = explode(':', $record['data'], 2);
+      if (count($data) != 2) {
+          system_failure('Das eingegebene Ziel war nicht im Format hostname:port');
+      }
+      list($hostname, $port) = $data;
       verify_input_hostname($hostname);
+      if ($port != (int) $port || $port == 0) {
+          system_failure('Ungültige Portnummer');
+      }
       $record['ip'] = null;
       break;
     default:


...	...	@@ -345,8 +345,15 @@ function save_dns_record($id, $record)
345	345	if (! $record['data']) {
346	346	system_failure('SRV target missing');
347	347	}
348		- list($hostname, $port) = explode(':', $record['data'], 2);
	348	+ $data = explode(':', $record['data'], 2);
	349	+ if (count($data) != 2) {
	350	+ system_failure('Das eingegebene Ziel war nicht im Format hostname:port');
	351	+ }
	352	+ list($hostname, $port) = $data;
349	353	verify_input_hostname($hostname);
	354	+ if ($port != (int) $port \|\| $port == 0) {
	355	+ system_failure('Ungültige Portnummer');
	356	+ }
350	357	$record['ip'] = null;
351	358	break;
352	359	default:
353	360