The v1 patch used defined-or (//), which allowed arbitrary values to be written. This v2 patch validates that IEEE80211W is one of 'off', 'optional', or 'on', defaulting to 'off' if invalid.
Signed-off-by: ummeegge <[email protected]> --- html/cgi-bin/wlanap.cgi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi index 600ddc489..0d1c5a90b 100644 --- a/html/cgi-bin/wlanap.cgi +++ b/html/cgi-bin/wlanap.cgi @@ -118,7 +118,7 @@ if ($cgiparams{'ACTION'} eq "$Lang::tr{'save'}") { $wlanapsettings{'NOSCAN'} = ($cgiparams{'NOSCAN'} eq 'on') ? 'on' : 'off'; $wlanapsettings{'ENC'} = $cgiparams{'ENC'}; $wlanapsettings{'PWD'} = $cgiparams{'PWD'}; - $wlanapsettings{'IEEE80211W'} = ($cgiparams{'IEEE80211W'} eq 'on') ? 'on' : 'off'; + $wlanapsettings{'IEEE80211W'} = ($cgiparams{'IEEE80211W'} eq 'on' || $cgiparams{'IEEE80211W'} eq 'optional') ? $cgiparams{'IEEE80211W'} : 'off'; $wlanapsettings{'TX_POWER'} = $cgiparams{'TX_POWER'}; if ($errormessage eq '') { -- 2.47.2
