From 3cf9d87f720e59b61646aa832e152125c5b3f512 Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 6 Jul 2023 16:44:39 +0200
Subject: [PATCH] Check SAFETY_TIMER value

---
 minifirewall | 19 ++++++++++++++-----
 1 file changed, 14 insertions(+), 5 deletions(-)

diff --git a/minifirewall b/minifirewall
index db0b98d..51aec3a 100755
--- a/minifirewall
+++ b/minifirewall
@@ -1156,16 +1156,25 @@ reset() {
     printf "${GREEN}${BOLD}${PROGNAME} reset${RESET}\n"
 }
 
+safety_timer() {
+    if [ "${SAFETY_TIMER}" -le "0" ] || [ "${SAFETY_TIMER}" -gt "3600" ]; then
+        syslog_info "safety timer value '${SAFETY_TIMER}' is out of range (1 < 3600), reverted to default value of '30'."
+        SAFETY_TIMER=30
+        readonly SAFETY_TIMER
+    fi
+    echo "${SAFETY_TIMER}"
+}
+
 stop_if_locked() {
     count=0
 
-    while [ ${count} -lt ${SAFETY_TIMER} ] && [ -f "${SAFETY_LOCK}" ]; do
+    while [ "${count}" -lt "$(safety_timer)" ] && [ -f "${SAFETY_LOCK}" ]; do
         count=$(( count + 1 ))
         sleep 1
     done
 
     if [ -f "${SAFETY_LOCK}" ]; then
-        syslog_error "safety lock is still here after ${SAFETY_TIMER} seconds, we need to stop"
+        syslog_error "safety lock is still here after $(safety_timer) seconds, we need to stop"
 
         stop
 
@@ -1188,11 +1197,11 @@ safe_start() {
     nohup "${0}" stop-if-locked > "${SAFETY_OUTPUT}" 2>&1 &
 
     if is_interactive; then
-        syslog_info "safe-restart in interactive mode ; if safety lock (${SAFETY_LOCK}) is not removed in the next ${SAFETY_TIMER} seconds, minifirewall will be stopped."
+        syslog_info "safe-restart in interactive mode ; if safety lock (${SAFETY_LOCK}) is not removed in the next $(safety_timer) seconds, minifirewall will be stopped."
         # Ask for input
         confirm_default="I'm locked out, please stop the firewall"
         # printf "If the restart has locked you out you might see this but you shouldn't be able to type anything.\n"
-        printf "Minifirewall will be stopped in ${SAFETY_TIMER} seconds if you do nothing.\n"
+        printf "Minifirewall will be stopped in $(safety_timer) seconds if you do nothing.\n"
         printf "Remove \`${SAFETY_LOCK}' or type anything to keep minifirewall started: "
 
         read -r confirm
@@ -1203,7 +1212,7 @@ safe_start() {
             rm -f "${SAFETY_LOCK}" && printf "${GREEN}OK. Safety lock is removed.${RESET}\n"
         fi
     else
-        syslog_info "safe-restart in non-interactive mode ; if safety lock (${SAFETY_LOCK}) is not removed in the next ${SAFETY_TIMER} seconds, minifirewall will be stopped."
+        syslog_info "safe-restart in non-interactive mode ; if safety lock (${SAFETY_LOCK}) is not removed in the next $(safety_timer) seconds, minifirewall will be stopped."
     fi
 }