Validate CIDR on firewall_rule_create.go

civo · Apr 18, 2024 · a06b789 · a06b789
1 parent fe9ecdf
commit a06b789
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/cmd/firewall/firewall_rule_create.go b/cmd/firewall/firewall_rule_create.go
@@ -2,6 +2,7 @@ package firewall
 
 import (
 	"fmt"
+	"net"
 	"strings"
 
 	"github.com/civo/civogo"
@@ -40,6 +41,12 @@ var firewallRuleCreateCmd = &cobra.Command{
 			os.Exit(1)
 		}
 
+		// Validate CIDR input
+		if err := validateCIDRs(cidr); err != nil {
+			utility.Error(err.Error())
+			os.Exit(1)
+		}
+
 		newRuleConfig := &civogo.FirewallRuleConfig{
 			FirewallID: firewall.ID,
 			Protocol:   protocol,
@@ -98,3 +105,16 @@ var firewallRuleCreateCmd = &cobra.Command{
 		}
 	},
 }
+
+// validateCIDRs checks if each CIDR in a comma-separated list is valid
+func validateCIDRs(cidrs string) error {
+	for _, cidr := range strings.Split(cidrs, ",") {
+		if cidr = strings.TrimSpace(cidr); cidr == "" {
+			continue
+		}
+		if _, _, err := net.ParseCIDR(cidr); err != nil {
+			return fmt.Errorf("invalid CIDR address '%s': %s", cidr, err)
+		}
+	}
+	return nil
+}