Moodle tracker: MDL-78311

Error in IP validation code returning an empty string when a valid IP is passed as a parameter

Description

      In the provided code, there is a bug that causes it to return an empty string when a valid IP address is passed as a parameter to the $param variable. The code is intended to allow both Fully Qualified Domain Names (FQDN) and IPv4 addresses in dotted quad format. However, there is a logical error in the validation of IP addresses.

      The error occurs in the code block that attempts to confirm if the input string is a valid IP address. If the string matches the pattern of an IP address, it checks if each of the dot-separated number groups is greater than 255. However, the index used to check the number groups is incorrect. It should iterate over indices 1, 2, 3, and 4 of the $match array to verify each octet of the IP address.

      As a result of this bug, when a valid IP address is passed with one or more number groups greater than 255, the code assigns an empty string to the $param variable, indicating an incorrect outcome.

      ../moodle/lib/moodlelib.php:1060

              case PARAM_HOST:
                  // Allow FQDN or IPv4 dotted quad.
                  $param = preg_replace('/[^\.\d\w-]/', '', (string)$param );
                  // Match ipv4 dotted quad.
                  if (preg_match('/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/', $param, $match)) {
                      // Confirm values are ok.
      -               if ( $match[0] > 255
      -                    || $match[1] > 255
      +               if ( $match[1] > 255
      +                    || $match[2] > 255
                           || $match[3] > 255
                           || $match[4] > 255 ) {
                          // Hmmm, what kind of dotted quad is this?
                          $param = '';
                      }
                  } else if ( preg_match('/^[\w\d\.-]+$/', $param) // Dots, hyphens, numbers.
                              && !preg_match('/^[\.-]/',  $param) // No leading dots/hyphens.
                              && !preg_match('/[\.-]$/',  $param) // No trailing dots/hyphens.
                              ) {
                      // All is ok - $param is respected.
                  } else {
                      // All is not ok...
                      $param='';
                  }
                  return $param;

      All versions of Moodle are affected, from 1.9x to 4.2.x.
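The buggy and corrected octet checks side by side, as an added Python port of the PARAM_HOST branch above (not Moodle's own code). The helper php8_gt_255 is constructed for this example: it emulates PHP 8's `$value > 255`, where a digit-only capture compares as a number but the non-numeric whole match in $match[0] makes PHP cast 255 to "255" and compare the two as strings.

```python
import re

# Same pattern as the PHP code: four 1-3 digit groups; group(0) is the whole quad.
IPV4_RE = re.compile(r'(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})')


def php8_gt_255(value: str) -> bool:
    """Constructed helper emulating PHP 8's `$value > 255` on a preg_match capture.

    A digit-only octet is a numeric string and compares as a number.  The whole
    match in $match[0] ("192.168.1.1") is not numeric, so PHP 8 casts 255 to "255"
    and compares as strings: "9.1.1.1" > "255" is true, "1.999.1.1" > "255" is not.
    """
    if value.isdigit():
        return int(value) > 255
    return value > '255'


def clean_param_host(param: str, fixed: bool = True) -> str:
    """Port of the PARAM_HOST branch; fixed=False reproduces the reported bug."""
    # preg_replace('/[^\.\d\w-]/', '', ...): keep only word chars, dots and hyphens.
    param = re.sub(r'[^.\w-]', '', str(param), flags=re.ASCII)
    m = IPV4_RE.search(param)
    if m:
        # Buggy code tests $match[0], [1], [3], [4]; the fix tests [1]..[4].
        # Before the fix the second octet is never range-checked at all.
        indices = (1, 2, 3, 4) if fixed else (0, 1, 3, 4)
        if any(php8_gt_255(m.group(i)) for i in indices):
            return ''  # "Hmmm, what kind of dotted quad is this?"
        return param
    # FQDN branch: word chars, dots, hyphens; no leading or trailing dot/hyphen.
    if (re.fullmatch(r'[\w.-]+', param, flags=re.ASCII)
            and not re.match(r'[.-]', param)
            and not re.search(r'[.-]$', param)):
        return param
    return ''
```

Under PHP 8 the unfixed check empties any quad whose string compares above "255" (for example "9.1.1.1" or "26.1.1.1") while letting "1.999.1.1" through; the fixed check accepts only quads with every octet in range.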

            People

              pholden Paul Holden
              rdrcti Ricardo Díaz
              Andrew Lyons Andrew Lyons
              Jun Pataleta Jun Pataleta
              CiBoT CiBoT