8000 [HttpFoundation] Check IPv6 is valid before comparing it · symfony/symfony@2b7ff11 · GitHub
[go: up one dir, main page]
Skip to content

Commit 2b7ff11

Browse files
PhilETaylorfabpot
PhilETaylor
authored and
fabpot
committed
[HttpFoundation] Check IPv6 is valid before comparing it
1 parent 6303708 commit 2b7ff11

File tree

2 files changed

+13
-0
lines changed

2 files changed

+13
-0
lines changed

src/Symfony/Component/HttpFoundation/IpUtils.php

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,15 @@ public static function checkIp6($requestIp, $ip)
124124
throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".');
125125
}
126126

127+
// Check to see if we were given a IP4 $requestIp or $ip by mistake
128+
if (str_contains($requestIp, '.') || str_contains($ip, '.')) {
129+
return self::$checkedIps[$cacheKey] = false;
130+
}
131+
132+
if (!filter_var($requestIp, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6)) {
133+
return self::$checkedIps[$cacheKey] = false;
134+
}
135+
127136
if (str_contains($ip, '/')) {
128137
[$address, $netmask] = explode('/', $ip, 2);
129138

src/Symfony/Component/HttpFoundation/Tests/IpUtilsTest.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,10 @@ public function getIpv6Data()
7373
[false, '2a01:198:603:0:396e:4789:8e99:890f', 'unknown'],
7474
[false, '', '::1'],
7575
[false, null, '::1'],
76+
[false, '127.0.0.1', '::1'],
77+
[false, '0.0.0.0/8', '::1'],
78+
[false, '::1', '127.0.0.1'],
79+
[false, '::1', '0.0.0.0/8'],
7680
];
7781
}
7882

0 commit comments

Comments
 (0)
0