Skip to content

Commit

Permalink
Check U16 bounds of /config/networkopenduration
Browse files Browse the repository at this point in the history
  • Loading branch information
@manup
manup committed Nov 9, 2019
1 parent 46dcde9 commit 54efc6e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion rest_configuration.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1922,7 +1922,7 @@ int DeRestPluginPrivate::modifyConfig(const ApiRequest &req, ApiResponse &rsp)
{
int seconds = map["networkopenduration"].toInt(&ok);

if (!ok)
if (!ok || seconds < 0 || seconds > UINT16_MAX)
{
rsp.list.append(errorToMap(ERR_INVALID_VALUE, QString("/config/networkopenduration"), QString("invalid value, %1, for parameter, networkopenduration").arg(map["networkopenduration"].toString())));
rsp.httpStatus = HttpStatusBadRequest;
Expand Down

0 comments on commit 54efc6e

Please sign in to comment.