From a399b629d154c0f87dc33bb574269a2edd33d88e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20B=C3=B6hmer?= <mail@jan-boehmer.de>
Date: Sun, 14 Sep 2025 23:04:44 +0200
Subject: [PATCH] Use a proper range constraint on the form

Otherwise it is possible to inject invalid data
---
 src/Form/InfoProviderSystem/FieldToProviderMappingType.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/Form/InfoProviderSystem/FieldToProviderMappingType.php b/src/Form/InfoProviderSystem/FieldToProviderMappingType.php
index fa7ee28b..13e9581e 100644
--- a/src/Form/InfoProviderSystem/FieldToProviderMappingType.php
+++ b/src/Form/InfoProviderSystem/FieldToProviderMappingType.php
@@ -59,7 +59,10 @@ class FieldToProviderMappingType extends AbstractType
                 'max' => 10,
                 'class' => 'form-control-sm',
                 'style' => 'width: 80px;'
-            ]
+            ],
+            'constraints' => [
+                new \Symfony\Component\Validator\Constraints\Range(['min' => 1, 'max' => 10]),
+            ],
         ]);
     }
 
@@ -69,4 +72,4 @@ class FieldToProviderMappingType extends AbstractType
             'field_choices' => [],
         ]);
     }
-}
\ No newline at end of file
+}