IP: Fix sanitization of IPv4 ranges

author Brad Jorsch <bjorsch@wikimedia.org>

Tue, 22 May 2018 21:12:30 +0000 (17:12 -0400)

committer Brad Jorsch <bjorsch@wikimedia.org>

Wed, 23 May 2018 14:34:20 +0000 (10:34 -0400)
author Brad Jorsch <bjorsch@wikimedia.org>
Tue, 22 May 2018 21:12:30 +0000 (17:12 -0400)
committer Brad Jorsch <bjorsch@wikimedia.org>
Wed, 23 May 2018 14:34:20 +0000 (10:34 -0400)
diff --git a/includes/libs/IP.php b/includes/libs/IP.php

index f95bb1e..06589d2 100644 (file)
--- a/includes/libs/IP.php
+++ b/includes/libs/IP.php
@@ -164,7 +164,7 @@ class IP {
                 }
                 if ( self::isIPv4( $ip ) ) {
                         // Remove leading 0's from octet representation of IPv4 address
-                       $ip = preg_replace( '/(?:^|(?<=\.))0+(?=[1-9]|0\.|0$)/', '', $ip );
+                       $ip = preg_replace( '!(?:^|(?<=\.))0+(?=[1-9]|0[./]|0$)!', '', $ip );
                         return $ip;
                 }
                 // Remove any whitespaces, convert to upper case
diff --git a/tests/phpunit/includes/libs/IPTest.php b/tests/phpunit/includes/libs/IPTest.php

index 9702c82..9ec53c0 100644 (file)
--- a/tests/phpunit/includes/libs/IPTest.php
+++ b/tests/phpunit/includes/libs/IPTest.php
@@ -325,6 +325,7 @@ class IPTest extends PHPUnit\Framework\TestCase {
                         [ '0.0.0.0', '0.0.0.0' ],
                         [ '0.0.0.0', '00.00.00.00' ],
                         [ '0.0.0.0', '000.000.000.000' ],
+                       [ '0.0.0.0/24', '000.000.000.000/24' ],
                         [ '141.0.11.253', '141.000.011.253' ],
                         [ '1.2.4.5', '1.2.4.5' ],
                         [ '1.2.4.5', '01.02.04.05' ],
author	Brad Jorsch <bjorsch@wikimedia.org>
	Tue, 22 May 2018 21:12:30 +0000 (17:12 -0400)
committer	Brad Jorsch <bjorsch@wikimedia.org>
	Wed, 23 May 2018 14:34:20 +0000 (10:34 -0400)
includes/libs/IP.php		patch \| blob \| history
tests/phpunit/includes/libs/IPTest.php		patch \| blob \| history