diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[HttpFoundation] Avoid warnings when checking malicious IPs

This commit is contained in:
Jakub Zalas 2016-03-10 08:48:57 +00:00
parent fd4edff329
commit 3067bdb8d9
4 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Symfony/Component/HttpFoundation/IpUtils.php
View File

@ -112,8 +112,12 @@ class IpUtils
$netmask = 128;
}
$bytesAddr = unpack('n*', inet_pton($address));
$bytesTest = unpack('n*', inet_pton($requestIp));
$bytesAddr = unpack('n*', @inet_pton($address));
$bytesTest = unpack('n*', @inet_pton($requestIp));
if (!$bytesAddr || !$bytesTest) {
return false;
}
for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) {
$left = $netmask - 16 * ($i - 1);

2
src/Symfony/Component/HttpFoundation/Request.php
View File

@ -780,6 +780,8 @@ class Request
if (!filter_var($clientIp, FILTER_VALIDATE_IP)) {
unset($clientIps[$key]);
continue;
}
if (IpUtils::checkIp($clientIp, self::$trustedProxies)) {

2
src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php
View File

@ -63,6 +63,8 @@ class IpUtilsTest extends \PHPUnit_Framework_TestCase
array(true, '2a01:198:603:0:396e:4789:8e99:890f', array('::1', '2a01:198:603:0::/65')),
array(true, '2a01:198:603:0:396e:4789:8e99:890f', array('2a01:198:603:0::/65', '::1')),
array(false, '2a01:198:603:0:396e:4789:8e99:890f', array('::1', '1a01:198:603:0::/65')),
array(false, '}__test|O:21:&quot;JDatabaseDriverMysqli&quot;:3:{s:2', '::1'),
array(false, '2a01:198:603:0:396e:4789:8e99:890f', 'unknown'),
);
}

1
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
View File

@ -866,6 +866,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
// invalid forwarded IP is ignored
array(array('88.88.88.88'), '127.0.0.1', 'unknown,88.88.88.88', array('127.0.0.1')),
array(array('88.88.88.88'), '127.0.0.1', '}__test|O:21:&quot;JDatabaseDriverMysqli&quot;:3:{s:2,88.88.88.88', array('127.0.0.1')),
);
}