From 99465b1ab779aa21c86dd9c7ad20c1b1a6b60a17 Mon Sep 17 00:00:00 2001 From: Ivan Kurnosov Date: Tue, 19 May 2015 22:18:22 +1200 Subject: [PATCH 1/4] bug #14674 [HttpFoundation] IpUtils::checkIp4() must accept "0.0.0.0/0" as a valid mask (that includes every IPv4 address) See http://tools.ietf.org/html/rfc4632#section-3.1 --- src/Symfony/Component/HttpFoundation/IpUtils.php | 6 +++++- src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php | 1 + 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/IpUtils.php b/src/Symfony/Component/HttpFoundation/IpUtils.php index 68e9421d942aa..b13047f0ab228 100644 --- a/src/Symfony/Component/HttpFoundation/IpUtils.php +++ b/src/Symfony/Component/HttpFoundation/IpUtils.php @@ -64,9 +64,13 @@ public static function checkIp4($requestIp, $ip) if (false !== strpos($ip, '/')) { list($address, $netmask) = explode('/', $ip, 2); - if ($netmask < 1 || $netmask > 32) { + if ($netmask < 0 || $netmask > 32) { return false; } + + if ($netmask === '0') { + return true; + } } else { $address = $ip; $netmask = 32; diff --git a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php index 726ba6a34795e..9d16d8b792843 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php @@ -34,6 +34,7 @@ public function testIpv4Provider() array(true, '192.168.1.1', array('1.2.3.4/1', '192.168.1.0/24')), array(true, '192.168.1.1', array('192.168.1.0/24', '1.2.3.4/1')), array(false, '192.168.1.1', array('1.2.3.4/1', '4.3.2.1/1')), + array(true, '1.2.3.4', '0.0.0.0/0'), ); } From 9cb4ccb02b76443b55c2020a0386df2df5281b5e Mon Sep 17 00:00:00 2001 From: Ivan Kurnosov Date: Tue, 19 May 2015 23:59:04 +1200 Subject: [PATCH 2/4] bug #14674 [HttpFoundation] Additional check that the network base IP address is a valid IPv4 --- src/Symfony/Component/HttpFoundation/IpUtils.php | 2 +- src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/IpUtils.php b/src/Symfony/Component/HttpFoundation/IpUtils.php index b13047f0ab228..55061b9cce8c9 100644 --- a/src/Symfony/Component/HttpFoundation/IpUtils.php +++ b/src/Symfony/Component/HttpFoundation/IpUtils.php @@ -69,7 +69,7 @@ public static function checkIp4($requestIp, $ip) } if ($netmask === '0') { - return true; + return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } } else { $address = $ip; diff --git a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php index 9d16d8b792843..7b7085133a5d8 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php @@ -35,6 +35,7 @@ public function testIpv4Provider() array(true, '192.168.1.1', array('192.168.1.0/24', '1.2.3.4/1')), array(false, '192.168.1.1', array('1.2.3.4/1', '4.3.2.1/1')), array(true, '1.2.3.4', '0.0.0.0/0'), + array(false, '1.2.3.4', '256.256.256/0'), ); } From aa240838c10ce708c3008d8329b209733c362f0e Mon Sep 17 00:00:00 2001 From: Ivan Kurnosov Date: Wed, 20 May 2015 00:08:17 +1200 Subject: [PATCH 3/4] bug #14674 [HttpFoundation] Changed comparison to yoda-style for consistency purposes --- src/Symfony/Component/HttpFoundation/IpUtils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/IpUtils.php b/src/Symfony/Component/HttpFoundation/IpUtils.php index 55061b9cce8c9..b626c3934586f 100644 --- a/src/Symfony/Component/HttpFoundation/IpUtils.php +++ b/src/Symfony/Component/HttpFoundation/IpUtils.php @@ -68,7 +68,7 @@ public static function checkIp4($requestIp, $ip) return false; } - if ($netmask === '0') { + if ('0' === $netmask) { return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } } else { From fadbba99cc8ef55090bf43f34e9b7a49b2ae2cb0 Mon Sep 17 00:00:00 2001 From: Ivan Kurnosov Date: Wed, 20 May 2015 08:02:44 +1200 Subject: [PATCH 4/4] bug #14674 [HttpFoundation] Added a check for `0.0.0.0/0` explicitly, since it's the only allowed network of a `/0` size --- src/Symfony/Component/HttpFoundation/IpUtils.php | 10 +++++----- .../Component/HttpFoundation/Tests/IpUtilsTest.php | 1 + 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/src/Symfony/Component/HttpFoundation/IpUtils.php b/src/Symfony/Component/HttpFoundation/IpUtils.php index b626c3934586f..fb906b6812d23 100644 --- a/src/Symfony/Component/HttpFoundation/IpUtils.php +++ b/src/Symfony/Component/HttpFoundation/IpUtils.php @@ -62,15 +62,15 @@ public static function checkIp($requestIp, $ips) public static function checkIp4($requestIp, $ip) { if (false !== strpos($ip, '/')) { + if ('0.0.0.0/0' === $ip) { + return true; + } + list($address, $netmask) = explode('/', $ip, 2); - if ($netmask < 0 || $netmask > 32) { + if ($netmask < 1 || $netmask > 32) { return false; } - - if ('0' === $netmask) { - return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); - } } else { $address = $ip; $netmask = 32; diff --git a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php index 7b7085133a5d8..0002478246ab9 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php @@ -36,6 +36,7 @@ public function testIpv4Provider() array(false, '192.168.1.1', array('1.2.3.4/1', '4.3.2.1/1')), array(true, '1.2.3.4', '0.0.0.0/0'), array(false, '1.2.3.4', '256.256.256/0'), + array(false, '1.2.3.4', '192.168.1.0/0'), ); } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy