Searched hist:"40981 bcc82357fbbd1b690d99568e7e7a022a5c0" (Results 1 – 2 of 2) sorted by relevance
| /dokuwiki/_test/tests/inc/ |
| H A D | IpTest.php | 40981bcc82357fbbd1b690d99568e7e7a022a5c0 Thu Jun 25 19:20:20 UTC 2026 Andreas Gohr <gohr@cosmocode.de> Ip: validate CIDR mask to prevent fatal error and over-broad proxy trust
A non-numeric or empty mask in trustedproxies (e.g. 10.0.0.0/abc or 10.0.0.0/) threw an uncaught TypeError on the IPv4 path, and a negative mask (10.0.0.0/-1) passed the bounds check and produced a bitmask that matched every IPv4, silently trusting all proxies.
Validate the mask as a non-negative integer in ipInRange() and broaden the ipMatches() catch to Throwable so an invalid range degrades to 'no match' instead of a 500.
|
| /dokuwiki/inc/ |
| H A D | Ip.php | 40981bcc82357fbbd1b690d99568e7e7a022a5c0 Thu Jun 25 19:20:20 UTC 2026 Andreas Gohr <gohr@cosmocode.de> Ip: validate CIDR mask to prevent fatal error and over-broad proxy trust
A non-numeric or empty mask in trustedproxies (e.g. 10.0.0.0/abc or 10.0.0.0/) threw an uncaught TypeError on the IPv4 path, and a negative mask (10.0.0.0/-1) passed the bounds check and produced a bitmask that matched every IPv4, silently trusting all proxies.
Validate the mask as a non-negative integer in ipInRange() and broaden the ipMatches() catch to Throwable so an invalid range degrades to 'no match' instead of a 500.
|