8000 [HttpFoundation] Check IPv6 is valid before comparing it · symfony/symfony@14c3f4a · GitHub
[go: up one dir, main page]
Skip to content

Commit 14c3f4a

Browse files
PhilETaylorPhilETaylor
committed
[HttpFoundation] Check IPv6 is valid before comparing it
1 parent f4d2370 commit 14c3f4a

File tree

2 files changed

+13
-0
lines changed

2 files changed

+13
-0
lines changed

src/Symfony/Component/HttpFoundation/IpUtils.php

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -135,6 +135,15 @@ public static function checkIp6(?string $requestIp, string $ip)
135135
throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".');
136136
}
137137

138+
// Check to see if we were given a IP4 $requestIp or $ip by mistake
139+
if (str_contains($requestIp, '.') || str_contains($ip, '.')) {
140+
return self::$checkedIps[$cacheKey] = false;
141+
}
142+
143+
if (!filter_var($requestIp, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6)) {
144+
return self::$checkedIps[$cacheKey] = false;
145+
}
146+
138147
if (str_contains($ip, '/')) {
139148
[$address, $netmask] = explode('/', $ip, 2);
140149

src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -74,6 +74,10 @@ public function getIpv6Data()
7474
[false, '}__test|O:21:"JDatabaseDriverMysqli":3:{s:2', '::1'],
7575
[false, '2a01:198:603:0:396e:4789:8e99:890f', 'unknown'],
7676
[false, '', '::1'],
77+
[false, '127.0.0.1', '::1'],
78+
[false, '0.0.0.0/8', '::1'],
79+
[false, '::1', '127.0.0.1'],
80+
[false, '::1', '0.0.0.0/8'],
7781
];
7882
}
7983

0 commit comments

Comments
 (0)
0