jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/368327 )
Change subject: Use methods from the IP class to validate IPs and CIDR ranges
......................................................................
Use methods from the IP class to validate IPs and CIDR ranges
Bug: T171699
Change-Id: I7609862e8a4310991b4ae6e71616ad3043ad14e7
---
M extension.json
M specials/SpecialCheckUser.php
2 files changed, 11 insertions(+), 29 deletions(-)
Approvals:
jenkins-bot: Verified
MusikAnimal: Looks good to me, approved
diff --git a/extension.json b/extension.json
index bd5dda2..0803a14 100644
--- a/extension.json
+++ b/extension.json
@@ -10,7 +10,7 @@
"license-name": "GPL-2.0+",
"type": "specialpage",
"requires": {
- "MediaWiki": ">= 1.27.0"
+ "MediaWiki": ">= 1.30.0"
},
"ExtensionMessagesFiles": {
"CheckUserAliases": "CheckUser.alias.php"
diff --git a/specials/SpecialCheckUser.php b/specials/SpecialCheckUser.php
index cfc006d..6e612f8 100644
--- a/specials/SpecialCheckUser.php
+++ b/specials/SpecialCheckUser.php
@@ -1518,43 +1518,25 @@
/**
* @param IDatabase $db
- * @param string $ip
+ * @param string $target an IP address or CIDR range
* @param string|bool $xfor
* @return array|false array for valid conditions, false if invalid
*/
- public static function getIpConds( $db, $ip, $xfor = false ) {
+ public static function getIpConds( $db, $target, $xfor = false ) {
global $wgCheckUserCIDRLimit;
$type = $xfor ? 'xff' : 'ip';
- $matches = [];
- if ( preg_match( '#^(\d+\.\d+\.\d+\.\d+)/(\d+)$#', $ip,
$matches ) ) {
- // IPv4 CIDR, 16-32 bits
- if ( $matches[2] < $wgCheckUserCIDRLimit['IPv4'] ||
$matches[2] > 32 ) {
- return false; // invalid
+ if ( IP::isValidRange( $target ) ) {
+ list( $ip, $range ) = explode( '/', $target, 2 );
+ if ( ( IP::isIPv4( $ip ) && $range <
$wgCheckUserCIDRLimit['IPv4'] ) ||
+ ( IP::isIPv6( $ip ) && $range <
$wgCheckUserCIDRLimit['IPv6'] ) ) {
+ return false; // range is too wide
}
- list( $start, $end ) = IP::parseRange( $ip );
return [ 'cuc_' . $type . '_hex BETWEEN ' .
$db->addQuotes( $start ) .
' AND ' . $db->addQuotes( $end ) ];
- } elseif ( preg_match(
-
'#^\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}/(\d+)$#',
- $ip, $matches )
- ) {
- // IPv6 CIDR, 32-128 bits
- if ( $matches[1] < $wgCheckUserCIDRLimit['IPv6'] ||
$matches[1] > 128 ) {
- return false; // invalid
- }
- list( $start, $end ) = IP::parseRange( $ip );
- return [ 'cuc_' . $type . '_hex BETWEEN ' .
$db->addQuotes( $start ) .
- ' AND ' . $db->addQuotes( $end ) ];
- } elseif (
- // 32 bit IPv4
- preg_match( '#^(\d+)\.(\d+)\.(\d+)\.(\d+)$#', $ip ) ||
- // 128 bit IPv6
- preg_match(
'#^\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}$#', $ip )
- ) {
- return [ "cuc_{$type}_hex" => IP::toHex( $ip ) ];
+ } elseif ( IP::isValid( $target ) ) {
+ return [ "cuc_{$type}_hex" => IP::toHex(
$target ) ];
}
- // Throw away this query, incomplete IP, these don't get
through the entry point anyway
- return false;
+ return false; // invalid IP
}
protected function getTimeConds( $period ) {
--
To view, visit https://gerrit.wikimedia.org/r/368327
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I7609862e8a4310991b4ae6e71616ad3043ad14e7
Gerrit-PatchSet: 12
Gerrit-Project: mediawiki/extensions/CheckUser
Gerrit-Branch: master
Gerrit-Owner: Huji <[email protected]>
Gerrit-Reviewer: Huji <[email protected]>
Gerrit-Reviewer: Legoktm <[email protected]>
Gerrit-Reviewer: MusikAnimal <[email protected]>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
