From f48074bacbf1e3835ca8975d82e5dd2dc514bcb1 Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Wed, 17 Jul 2013 19:58:20 +0200 Subject: [PATCH] ovpnmain.cgi: Add check for a valid N2N network. Fixes #10390. --- html/cgi-bin/ovpnmain.cgi | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index a4953ffe4..38dad1ded 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -3520,6 +3520,14 @@ if ($cgiparams{'TYPE'} eq 'net') { goto VPNCONF_ERROR; } + # Check if the input for the transfer net is valid. + if (!&General::validipandmask($cgiparams{'OVPN_SUBNET'})){ + $errormessage = $Lang::tr{'ccd err invalidnet'}; + unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; + rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!"; + goto VPNCONF_ERROR; + } + if ($cgiparams{'OVPN_SUBNET'} eq $vpnsettings{'DOVPN_SUBNET'}) { $errormessage = $Lang::tr{'openvpn subnet is used'}; unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!"; -- 2.39.2