Disallow ; in acl names or values

author Jamie Cameron <jcameron@webmin.com>

Wed, 20 Apr 2011 16:24:38 +0000 (09:24 -0700)

committer Jamie Cameron <jcameron@webmin.com>

Wed, 20 Apr 2011 16:24:38 +0000 (09:24 -0700)
author Jamie Cameron <jcameron@webmin.com>
Wed, 20 Apr 2011 16:24:38 +0000 (09:24 -0700)
committer Jamie Cameron <jcameron@webmin.com>
Wed, 20 Apr 2011 16:24:38 +0000 (09:24 -0700)
diff --git a/bind8/save_acls.cgi b/bind8/save_acls.cgi

index df505ea..1049bdf 100755 (executable)
--- a/bind8/save_acls.cgi
+++ b/bind8/save_acls.cgi
@@ -13,11 +13,11 @@ $access{'defaults'} || &error($text{'acls_ecannot'});
  $conf = &get_config();
  for($i=0; defined($name = $in{"name_$i"}); $i++) {
         next if (!$name);
-       $name =~ /^\S+$/ || &error(&text('acls_ename', $name));
+       $name =~ /^\S+$/ && $name !~ /;/ || &error(&text('acls_ename', $name));
         $in{"values_$i"} =~ s/\r//g;
         @vals = split(/\n+/, $in{"values_$i"});
         foreach $v (@vals) {
-               if ($v =~ /^[0-9\.]+\s+\S/) {
+               if ($v =~ /^[0-9\.]+\s+\S/ && $v !~ /;/) {
                         &error(&text('acls_eline', $name));
                         }
                 }
author	Jamie Cameron <jcameron@webmin.com>
	Wed, 20 Apr 2011 16:24:38 +0000 (09:24 -0700)
committer	Jamie Cameron <jcameron@webmin.com>
	Wed, 20 Apr 2011 16:24:38 +0000 (09:24 -0700)