From 953a356724640d29c47e3bdb0ea4ca8fb063bff3 Mon Sep 17 00:00:00 2001
From: Vasily Davydov <vasilydavydovmail@yahoo.com>
Date: Sat, 13 Jul 2024 21:55:54 +0300
Subject: [PATCH] cloudflare: validate new ip before saving

---
 services/cloudflare_update_dns | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/services/cloudflare_update_dns b/services/cloudflare_update_dns
index bca7c94..09a5246 100755
--- a/services/cloudflare_update_dns
+++ b/services/cloudflare_update_dns
@@ -33,6 +33,16 @@ function check_internet_access() {
 function check_new_ip() {
 	local new_ip
 	new_ip="$(curl -s ${IP_URL})"
+  if [[ "$new_ip" =~ ^([0-9]{1,3})[.]([0-9]{1,3})[.]([0-9]{1,3})[.]([0-9]{1,3})$ ]]
+  then
+      for (( i=1; i<${#BASH_REMATCH[@]}; ++i ))
+      do
+        (( ${BASH_REMATCH[$i]} <= 255 )) || { "${SEND_TELEGRAM}" "Bad IP from curl. ${new_ip}" >&2; exit 1; }
+      done
+  else
+        "${SEND_TELEGRAM}" "Bad IP from curl. ${new_ip}" >&2
+        exit 1;
+  fi
 	if [[ "${new_ip}" == "${CACHED_PUBLIC_IP}" ]]; then
 		info "Public IP has not changed from ${new_ip}. Exiting..."
 		exit 0;