Home
last modified time | relevance | path

Searched hist:"40981 bcc82357fbbd1b690d99568e7e7a022a5c0" (Results 1 – 2 of 2) sorted by relevance

/dokuwiki/_test/tests/inc/
H A DIpTest.php40981bcc82357fbbd1b690d99568e7e7a022a5c0 Thu Jun 25 19:20:20 UTC 2026 Andreas Gohr <gohr@cosmocode.de> Ip: validate CIDR mask to prevent fatal error and over-broad proxy trust

A non-numeric or empty mask in trustedproxies (e.g. 10.0.0.0/abc or
10.0.0.0/) threw an uncaught TypeError on the IPv4 path, and a negative
mask (10.0.0.0/-1) passed the bounds check and produced a bitmask that
matched every IPv4, silently trusting all proxies.

Validate the mask as a non-negative integer in ipInRange() and broaden
the ipMatches() catch to Throwable so an invalid range degrades to
'no match' instead of a 500.

/dokuwiki/inc/
H A DIp.php40981bcc82357fbbd1b690d99568e7e7a022a5c0 Thu Jun 25 19:20:20 UTC 2026 Andreas Gohr <gohr@cosmocode.de> Ip: validate CIDR mask to prevent fatal error and over-broad proxy trust

A non-numeric or empty mask in trustedproxies (e.g. 10.0.0.0/abc or
10.0.0.0/) threw an uncaught TypeError on the IPv4 path, and a negative
mask (10.0.0.0/-1) passed the bounds check and produced a bitmask that
matched every IPv4, silently trusting all proxies.

Validate the mask as a non-negative integer in ipInRange() and broaden
the ipMatches() catch to Throwable so an invalid range degrades to
'no match' instead of a 500.