[Bug 38117] Security: Bad IP range recognition
https://bugzilla.wikimedia.org/show_bug.cgi?id=38117 Olaf Lenz o...@lenz.name changed: What|Removed |Added URL||http://www.mediawiki.org/wi ||ki/Extension:NetworkAuth -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are the assignee for the bug. You are on the CC list for the bug. ___ Wikibugs-l mailing list Wikibugs-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
[Bug 38117] Security: Bad IP range recognition
https://bugzilla.wikimedia.org/show_bug.cgi?id=38117
--- Comment #1 from Olaf Lenz o...@lenz.name 2012-07-02 13:29:59 UTC ---
The proposed fix to this bug is to explicitly cast the transformed IP address
to a number by using hexdec() like:
$ip = wfGetIP();
$hex = hexdec(IP::toHex( $ip ));
if ( $hex = hexdec(IP::toHex( $parsedRange[0] ))
$hex = hexdec(IP::toHex( $parsedRange[1] )))
{
# authenticate user
}
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
--- You are receiving this mail because: ---
You are the assignee for the bug.
You are on the CC list for the bug.
___
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
