From 6279815f23729c1f482e95192d3449ae8b8beb06 Mon Sep 17 00:00:00 2001 From: Alex Silcock Date: Thu, 8 Oct 2015 15:18:26 +0100 Subject: [PATCH 1/2] bug #16055 [HttpFoundation] Fixes /0 subnet handling in IpUtils --- src/Symfony/Component/HttpFoundation/IpUtils.php | 13 +++++++------ .../Component/HttpFoundation/Tests/IpUtilsTest.php | 7 +++---- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/Symfony/Component/HttpFoundation/IpUtils.php b/src/Symfony/Component/HttpFoundation/IpUtils.php index fb906b6812d23..e08301ece16c5 100644 --- a/src/Symfony/Component/HttpFoundation/IpUtils.php +++ b/src/Symfony/Component/HttpFoundation/IpUtils.php @@ -57,18 +57,19 @@ public static function checkIp($requestIp, $ips) * @param string $requestIp IPv4 address to check * @param string $ip IPv4 address or subnet in CIDR notation * - * @return bool Whether the IP is valid + * @return bool Whether the request IP matches the IP, or whether the request IP is within the CIDR subnet. */ public static function checkIp4($requestIp, $ip) { if (false !== strpos($ip, '/')) { - if ('0.0.0.0/0' === $ip) { - return true; - } - list($address, $netmask) = explode('/', $ip, 2); - if ($netmask < 1 || $netmask > 32) { + if ($netmask === '0') { + // Ensure IP is valid - using ip2long below implicitly validates, but we need to do it manually here + return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + } + + if ($netmask < 0 || $netmask > 32) { return false; } } else { diff --git a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php index 0002478246ab9..e06467eb209e3 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php @@ -30,13 +30,12 @@ public function testIpv4Provider() array(true, '192.168.1.1', '192.168.1.1/1'), array(true, '192.168.1.1', '192.168.1.0/24'), array(false, '192.168.1.1', '1.2.3.4/1'), - array(false, '192.168.1.1', '192.168.1/33'), + array(false, '192.168.1.1', '192.168.1.1/33'), // invalid subnet array(true, '192.168.1.1', array('1.2.3.4/1', '192.168.1.0/24')), array(true, '192.168.1.1', array('192.168.1.0/24', '1.2.3.4/1')), array(false, '192.168.1.1', array('1.2.3.4/1', '4.3.2.1/1')), - array(true, '1.2.3.4', '0.0.0.0/0'), - array(false, '1.2.3.4', '256.256.256/0'), - array(false, '1.2.3.4', '192.168.1.0/0'), + array(false, '1.2.3.4', '256.256.256/0'), // invalid CIDR notation + array(true, '1.2.3.4', '192.168.1.0/0'), ); } From 4d5ec5567cbf3263ba24823465e2f09e54bb49a7 Mon Sep 17 00:00:00 2001 From: Alex Silcock Date: Thu, 8 Oct 2015 16:25:18 +0100 Subject: [PATCH 2/2] bug #16055 [HttpFoundation] Re-add a test case --- src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php index e06467eb209e3..e87baea34adaa 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php @@ -34,8 +34,9 @@ public function testIpv4Provider() array(true, '192.168.1.1', array('1.2.3.4/1', '192.168.1.0/24')), array(true, '192.168.1.1', array('192.168.1.0/24', '1.2.3.4/1')), array(false, '192.168.1.1', array('1.2.3.4/1', '4.3.2.1/1')), - array(false, '1.2.3.4', '256.256.256/0'), // invalid CIDR notation + array(true, '1.2.3.4', '0.0.0.0/0'), array(true, '1.2.3.4', '192.168.1.0/0'), + array(false, '1.2.3.4', '256.256.256/0'), // invalid CIDR notation ); } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy