From cd125ded3b6d10cdd2ab6bbd0135fc3e4e578ece Mon Sep 17 00:00:00 2001
From: Sangyeok Sim <sangyeok.sim@samsung.com>
Date: Fri, 8 Jun 2018 11:27:27 +0900
Subject: [PATCH] ACL Input param validation for L4 port

Change-Id: I5862aab56404afaf4d36e982a0259a498fdab216
---
 .../java/org/onosproject/acl/AclWebResource.java     | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/apps/acl/src/main/java/org/onosproject/acl/AclWebResource.java b/apps/acl/src/main/java/org/onosproject/acl/AclWebResource.java
index 74b572cd12..972c1d91a9 100644
--- a/apps/acl/src/main/java/org/onosproject/acl/AclWebResource.java
+++ b/apps/acl/src/main/java/org/onosproject/acl/AclWebResource.java
@@ -203,12 +203,20 @@ public class AclWebResource extends AbstractWebResource {
 
         int port = node.path("dstTpPort").asInt(0);
         if (port > 0) {
-            rule.dstTpPort((short) port);
+            if ("TCP".equalsIgnoreCase(s) || "UDP".equalsIgnoreCase(s)) {
+                rule.dstTpPort((short) port);
+            } else {
+                throw new IllegalArgumentException("dstTpPort can be set only when ipProto is TCP or UDP");
+            }
         }
 
         port = node.path("srcTpPort").asInt(0);
         if (port > 0) {
-            rule.srcTpPort((short) port);
+            if ("TCP".equalsIgnoreCase(s) || "UDP".equalsIgnoreCase(s)) {
+                rule.srcTpPort((short) port);
+            } else {
+                throw new IllegalArgumentException("srcTpPort can be set only when ipProto is TCP or UDP");
+            }
         }
 
         s = node.path("action").asText(null);