From 6d443755f0b5d4a5548c1dc2d037e490f81e7e8d Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Mon, 1 May 2017 13:01:39 +0200
Subject: [PATCH] system: fix off by one and add validation; closes #1581

---
 src/www/system_camanager.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/www/system_camanager.php b/src/www/system_camanager.php
index 2f8b97516..09e39b96a 100644
--- a/src/www/system_camanager.php
+++ b/src/www/system_camanager.php
@@ -332,6 +332,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
             }
         }
 
+        if (isset($pconfig['serial']) && ((string)((int)$pconfig['serial']) != $pconfig['serial'] || $pconfig['serial'] < 1)) {
+            $input_errors[] = gettext('The serial number must be a number greater than zero.');
+        }
+
         /* save modifications */
         if (count($input_errors) == 0) {
             $ca = array();
@@ -349,7 +353,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
             }
 
             if (!empty($pconfig['serial'])) {
-                $ca['serial'] = $pconfig['serial'];
+                $ca['serial'] = $pconfig['serial'] - 1;
             }
 
             if (isset($id)) {