A recent code review surfaced ~15 tools that check parameters with only !empty(). Most are admin-level surfaces, but tightening this is cheap and reduces the blast radius of any future auth bypass or parameter-confusion bug.
Tools needing format validation:
fm_disable_voicemail, fm_enable_voicemail — ext should match /^\d+$/fm_disable_trunk, fm_enable_trunk — id should match /^\d+$/fm_delete_ringgroup — id should match /^\d+$/fm_pjsip_qualify — ext should match /^[a-zA-Z0-9_-]+$/fm_toggle_daynight — id should match /^\d+$/fm_toggle_dnd — ext should match /^\d+$/fm_module_{disable,enable,install,uninstall,upgrade} — name should match /^[a-zA-Z0-9_-]+$/fm_backup_create — id should be UUID or numericfm_monitor_call, fm_stop_monitor_call, fm_transfer_call — channel should match a channel patternfm_originate_call — ext/dest should be dialable digits
Pattern reference: DiagnoseExtension.php:11 and PjsipEndpointDetails.php already do this correctly.
A recent code review surfaced ~15 tools that check parameters with only
!empty(). Most are admin-level surfaces, but tightening this is cheap and reduces the blast radius of any future auth bypass or parameter-confusion bug.Tools needing format validation:
fm_disable_voicemail,fm_enable_voicemail—extshould match/^\d+$/fm_disable_trunk,fm_enable_trunk—idshould match/^\d+$/fm_delete_ringgroup—idshould match/^\d+$/fm_pjsip_qualify—extshould match/^[a-zA-Z0-9_-]+$/fm_toggle_daynight—idshould match/^\d+$/fm_toggle_dnd—extshould match/^\d+$/fm_module_{disable,enable,install,uninstall,upgrade}—nameshould match/^[a-zA-Z0-9_-]+$/fm_backup_create—idshould be UUID or numericfm_monitor_call,fm_stop_monitor_call,fm_transfer_call—channelshould match a channel patternfm_originate_call—ext/destshould be dialable digitsPattern reference:
DiagnoseExtension.php:11andPjsipEndpointDetails.phpalready do this correctly.