lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 16:44:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Firewall - Aliases : tighten fqdn validation to avoid mistypes as 192.168.01.1 from being accepted as domain name.

Browse Source
This commit is contained in:
Ad Schellevis 2022-03-18 17:26:21 +01:00
parent 56bd1c33c2
commit 0ac674ceac
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/opnsense/mvc/app/library/OPNsense/Firewall/Util.php
View File

@ -242,7 +242,13 @@ class Util
public static function isDomain($domain)
{
$pattern = '/^(?:(?:[a-z\pL0-9]|[a-z\pL0-9][a-z\pL0-9\-]*[a-z\pL0-9])\.)*(?:[a-z\pL0-9]|[a-z\pL0-9][a-z\pL0-9\-]*[a-z\pL0-9])$/iu';
if (preg_match($pattern, $domain)) {
$parts = explode(".", $domain);
if (ctype_digit($parts[0]) && ctype_digit($parts[count($parts)-1])) {
// according to rfc1123 2.1
// a valid host name can never have the dotted-decimal form #.#.#.#, since at least the highest-level
// component label will be alphabetic.
return false;
} elseif (preg_match($pattern, $domain)) {
return true;
}
return false;