[HttpFoundation] Avoid warnings when checking malicious IPs
This commit is contained in:
parent
fd4edff329
commit
3067bdb8d9
|
@ -112,8 +112,12 @@ class IpUtils
|
|||
$netmask = 128;
|
||||
}
|
||||
|
||||
$bytesAddr = unpack('n*', inet_pton($address));
|
||||
$bytesTest = unpack('n*', inet_pton($requestIp));
|
||||
$bytesAddr = unpack('n*', @inet_pton($address));
|
||||
$bytesTest = unpack('n*', @inet_pton($requestIp));
|
||||
|
||||
if (!$bytesAddr || !$bytesTest) {
|
||||
return false;
|
||||
}
|
||||
|
||||
for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) {
|
||||
$left = $netmask - 16 * ($i - 1);
|
||||
|
|
|
@ -780,6 +780,8 @@ class Request
|
|||
|
||||
if (!filter_var($clientIp, FILTER_VALIDATE_IP)) {
|
||||
unset($clientIps[$key]);
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
if (IpUtils::checkIp($clientIp, self::$trustedProxies)) {
|
||||
|
|
|
@ -63,6 +63,8 @@ class IpUtilsTest extends \PHPUnit_Framework_TestCase
|
|||
array(true, '2a01:198:603:0:396e:4789:8e99:890f', array('::1', '2a01:198:603:0::/65')),
|
||||
array(true, '2a01:198:603:0:396e:4789:8e99:890f', array('2a01:198:603:0::/65', '::1')),
|
||||
array(false, '2a01:198:603:0:396e:4789:8e99:890f', array('::1', '1a01:198:603:0::/65')),
|
||||
array(false, '}__test|O:21:"JDatabaseDriverMysqli":3:{s:2', '::1'),
|
||||
array(false, '2a01:198:603:0:396e:4789:8e99:890f', 'unknown'),
|
||||
);
|
||||
}
|
||||
|
||||
|
|
|
@ -866,6 +866,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
|
|||
|
||||
// invalid forwarded IP is ignored
|
||||
array(array('88.88.88.88'), '127.0.0.1', 'unknown,88.88.88.88', array('127.0.0.1')),
|
||||
array(array('88.88.88.88'), '127.0.0.1', '}__test|O:21:"JDatabaseDriverMysqli":3:{s:2,88.88.88.88', array('127.0.0.1')),
|
||||
);
|
||||
}
|
||||
|
||||
|
|
Reference in New Issue