From 57445f04259077c5bf927fc6a6dca189fbe86214 Mon Sep 17 00:00:00 2001 From: Brad Jorsch Date: Tue, 22 May 2018 17:12:30 -0400 Subject: [PATCH] IP: Fix sanitization of IPv4 ranges '000.000.000.000/24' should sanitize to '0.0.0.0/24', not '0.0.0.000/24'. Change-Id: I9364cb268dcc9b9b24aa1c627a87482978c4cf34 --- includes/libs/IP.php | 2 +- tests/phpunit/includes/libs/IPTest.php | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/includes/libs/IP.php b/includes/libs/IP.php index f95bb1ebde..06589d2787 100644 --- a/includes/libs/IP.php +++ b/includes/libs/IP.php @@ -164,7 +164,7 @@ class IP { } if ( self::isIPv4( $ip ) ) { // Remove leading 0's from octet representation of IPv4 address - $ip = preg_replace( '/(?:^|(?<=\.))0+(?=[1-9]|0\.|0$)/', '', $ip ); + $ip = preg_replace( '!(?:^|(?<=\.))0+(?=[1-9]|0[./]|0$)!', '', $ip ); return $ip; } // Remove any whitespaces, convert to upper case diff --git a/tests/phpunit/includes/libs/IPTest.php b/tests/phpunit/includes/libs/IPTest.php index 9702c82c60..9ec53c00c7 100644 --- a/tests/phpunit/includes/libs/IPTest.php +++ b/tests/phpunit/includes/libs/IPTest.php @@ -325,6 +325,7 @@ class IPTest extends PHPUnit\Framework\TestCase { [ '0.0.0.0', '0.0.0.0' ], [ '0.0.0.0', '00.00.00.00' ], [ '0.0.0.0', '000.000.000.000' ], + [ '0.0.0.0/24', '000.000.000.000/24' ], [ '141.0.11.253', '141.000.011.253' ], [ '1.2.4.5', '1.2.4.5' ], [ '1.2.4.5', '01.02.04.05' ], -- 2.20.1