add more input validation

SVN-Revision: 2006

diff --git a/openwrt/package/webif/files/usr/lib/webif/validate.awk b/openwrt/package/webif/files/usr/lib/webif/validate.awk
index 5ba4f664b45dc2745e4a8f01ba9b92b1231fa6ad..77d4ff695cae45006bdc932a050ea128bf0aec9f 100644 (file)
--- a/openwrt/package/webif/files/usr/lib/webif/validate.awk
+++ b/openwrt/package/webif/files/usr/lib/webif/validate.awk
@@ -58,6 +58,18 @@ $1 == "hostname" {
        }
 }
 
+$1 == "string" {
+       valid_type = 1
+}
+
+$1 == "mac" {
+       valid_type = 1
+       if ((value != "") && (value !~ /^[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*:[0-9a-fA-F][0-9a-fA-F]*$/)) {
+               valid = 0
+               verr = "Invalid value"
+       }
+}
+
 valid_type != 1 { valid = 0 }
 
 valid == 1 {
@@ -65,17 +77,25 @@ valid == 1 {
        for (i = 1; (valid == 1) && (i <= n); i++) {
                if (options[i] == "required") {
                        if (value == "") { valid = 0; verr = "No value entered" }
-               } else if (options[i] ~ /^min=/) {
+               } else if ((options[i] ~ /^min=/) && (value != "")) {
                        if ($1 == "int") {
                                min = options[i]
                                sub(/^min=/, "", min)
                                if (value < min) { valid = 0; verr = "Value too small" }
+                       } else if ($1 == "string") {
+                               min = options[i]
+                               sub(/^min=/, "", min)
+                               if (length(value) < min) { valid = 0; verr = "Value too small" }
                        }
-               } else if (options[i] ~ /^max=/) {
+               } else if ((options[i] ~ /^max=/) && (value != ""))  {
                        if ($1 == "int") {
                                max = options[i]
                                sub(/^max=/, "", max)
                                if (value > max) { valid = 0; verr = "Value too large" }
+                       } else if ($1 == "string") {
+                               max = options[i]
+                               sub(/^max=/, "", max)
+                               if (length(value) > max) { valid = 0; verr = "Value too large" }
                        }
                } else if ((options[i] == "nodots") && ($1 == "hostname")) {
                        if (value ~ /\./) {

diff --git a/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh b/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh
index 4eb498ea6e73d22993dc1dbe2284e6491b61f71c..0eb1e96252f06207021669d78e1561c3b5ea8ca8 100755 (executable)
--- a/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh
+++ b/openwrt/package/webif/files/www/cgi-bin/webif/wireless-config.sh
@@ -3,6 +3,7 @@
 . /usr/lib/webif/webif.sh
 load_settings "wireless"
 
+
 WDS=${wl0_wds:-$(nvram get wl0_wds)}
 WDS="${WDS# }"
 [ -z "$FORM_wdsremove" ] || {
@@ -22,14 +23,16 @@ END { print "" }')
        save_setting wireless wl0_wds "$WDS"
        FORM_submit=""
 }
-[ -z "$FORM_wdssubmit" ] || {
-       # FIXME: add input validation
-       WDS="$WDS $FORM_newmac"
-       WDS="${WDS# }"
-       save_setting wireless wl0_wds "$WDS"
+[ \! -z "$FORM_wdssubmit" ] && {
+       validate "mac|FORM_newmac|WDS MAC address||$FORM_newmac" && {
+               WDS="$WDS $FORM_newmac"
+               WDS="${WDS# }"
+               save_setting wireless wl0_wds "$WDS"
+       }
        FORM_submit=""
 }
 if [ -z "$FORM_submit" ]; then
+       FORM_newmac=${FORM_newmac:-00:00:00:00:00:00}
        FORM_mode=${wl0_mode:-$(nvram get wl0_mode)}
        FORM_ssid=${wl0_ssid:-$(nvram get wl0_ssid)}
        FORM_encryption=off
@@ -96,13 +99,16 @@ if [ -z "$FORM_submit" ]; then
        FORM_key=${key:-1}
 else
        SAVED=1
-       [ "$FORM_encryption" = "wpa" ] && VALIDATE_RADIUS="required"
+       [ "$FORM_encryption" = "wpa" ] && V_RADIUS="required"
+       [ "$FORM_encryption" = "psk" ] && V_PSK="required"
        validate "
-ip|FORM_radius_ipaddr|RADIUS IP address|$VALIDATE_RADIUS|$FORM_radius_ipaddr
+ip|FORM_radius_ipaddr|RADIUS IP address|$V_RADIUS|$FORM_radius_ipaddr
 wep|FORM_key1|WEP key 1||$FORM_key1
 wep|FORM_key2|WEP key 2||$FORM_key2
 wep|FORM_key3|WEP key 3||$FORM_key3
-wep|FORM_key4|WEP key 4||$FORM_key4" && {
+wep|FORM_key4|WEP key 4||$FORM_key4
+string|FORM_wpa_psk|WPA pre-shared key|min=8 max=63 $V_PSK|$FORM_wpa_psk
+string|FORM_radius_key|RADIUS server key|min=4 max=63 $V_RADIUS|$FORM_radius_key" && {
                save_setting wireless wl0_mode "$FORM_mode"
                save_setting wireless wl0_ssid "$FORM_ssid"
                case "$FORM_aes$FORM_tkip" in 
@@ -238,7 +244,7 @@ $0 ~ /^[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A
 '
 ?>
                <tr>
-                       <td width="45%"><input type="text" name="newmac" value="00:00:00:00:00:00" /></td>
+                       <td width="45%"><input type="text" name="newmac" value="<? echo -n $FORM_newmac ?>" /></td>
                        <td width="55%"><input type="submit" name="wdssubmit" value="Add WDS peer" /></td>
                </tr>
        </table>