- Bug
- Resolution: Fixed
- Minor
- 3.9.21, 3.11.14, 4.0.8, 4.1.3, 4.2, 4.2.5, 4.3.2
- MOODLE_311_STABLE, MOODLE_39_STABLE, MOODLE_400_STABLE, MOODLE_401_STABLE, MOODLE_402_STABLE, MOODLE_403_STABLE
- MOODLE_402_STABLE, MOODLE_403_STABLE
- MDL-78311-403
- Covered by automated testing (PHPUnit)
The PARAM_HOST cleaning code in moodlelib.php has a bug that makes it return an empty string for some valid IP addresses passed in $param. The code is intended to allow both Fully Qualified Domain Names (FQDN) and IPv4 addresses in dotted-quad format, but the validation of IP addresses contains a logical error.
The error is in the block that confirms whether the input string is a valid IP address. When the string matches the dotted-quad pattern, the code checks whether each dot-separated number group is greater than 255, but it uses the wrong indices into the $match array: $match[0] is the whole matched string rather than an octet, and $match[2] is never checked. It should iterate over indices 1, 2, 3 and 4 of $match to verify each octet of the address.
As a result of this bug, when an IP address is passed with one or more number groups greater than 255, the code assigns an empty string to the $param variable, which is an incorrect outcome.
../moodle/lib/moodlelib.php:1060 (lines marked - are the original, lines marked + are the fix)

        case PARAM_HOST:
            // Allow FQDN or IPv4 dotted quad.
            $param = preg_replace('/[^\.\d\w-]/', '', (string)$param );
            // Match ipv4 dotted quad.
            if (preg_match('/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/', $param, $match)) {
                // Confirm values are ok. $match[0] is the whole match; octets are $match[1]..$match[4].
-               if ( $match[0] > 255
-                    || $match[1] > 255
+               if ( $match[1] > 255
+                    || $match[2] > 255
                     || $match[3] > 255
                     || $match[4] > 255 ) {
                    // An octet is out of range: not a valid dotted quad.
                    $param = '';
                }
            } else if ( preg_match('/^[\w\d\.-]+$/', $param) // Dots, hyphens, numbers.
                   && !preg_match('/^[\.-]/', $param) // No leading dots/hyphens.
                   && !preg_match('/[\.-]$/', $param) // No trailing dots/hyphens.
                   ) {
                // Plausible FQDN: leave $param unchanged.
            } else {
                // All is not ok...
                $param = '';
            }
            return $param;
All versions of Moodle are affected, from 1.9.x to 4.2.x.
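To make the effect of the index change concrete, the following is an added example (not Moodle's own code and not part of this issue) that reimplements the PARAM_HOST branch as a stand-alone function. The function name clean_host() and its $fixed switch are assumptions of the example; the sample inputs and expected values are constructed. Run under a PHP 8 CLI it shows both consequences of the original indices: a valid address such as 26.0.0.1 is rejected because $match[0] (the whole string) is compared with 255 as a string, and an address with an out-of-range second octet such as 10.999.1.1 is accepted because $match[2] is never examined.

```php
<?php
// Added example, not Moodle's own code: stand-alone reimplementation of the
// PARAM_HOST branch of clean_param() so the original octet indices and the
// corrected ones (MDL-78311) can be compared side by side. clean_host() and
// the $fixed switch are assumptions of this example.
function clean_host(string $param, bool $fixed): string {
    // Allow FQDN or IPv4 dotted quad: drop every character that is not a
    // word character, digit, dot or hyphen.
    $param = preg_replace('/[^\.\d\w-]/', '', $param);

    // Match ipv4 dotted quad. $match[0] is the whole matched string;
    // the four octets are $match[1] .. $match[4].
    if (preg_match('/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/', $param, $match)) {
        $octets = $fixed
            ? [$match[1], $match[2], $match[3], $match[4]]   // corrected indices
            : [$match[0], $match[1], $match[3], $match[4]];  // original indices
        foreach ($octets as $octet) {
            // With the original indices $match[0] is not a numeric string, so
            // since PHP 8.0 "26.0.0.1" > 255 is a string comparison against
            // "255" and evaluates to true, while $match[2] is never examined.
            if ($octet > 255) {
                return '';
            }
        }
        return $param;
    }

    // Otherwise accept a plausible FQDN: word characters, dots and hyphens,
    // with no leading or trailing dot/hyphen.
    if (preg_match('/^[\w\d\.-]+$/', $param)
            && !preg_match('/^[\.-]/', $param)
            && !preg_match('/[\.-]$/', $param)) {
        return $param;
    }
    return '';
}

// Constructed sample inputs with the result expected from each variant
// (expected values for the original indices assume PHP 8 comparison rules).
$samples = [
    //  input                  original               fixed
    ['192.168.1.1',          '192.168.1.1',          '192.168.1.1'],
    ['26.0.0.1',             '',                     '26.0.0.1'],   // valid, wrongly rejected
    ['10.999.1.1',           '10.999.1.1',           ''],           // bad octet, wrongly accepted
    ['1.2.3.256',            '',                     ''],
    ['moodle.example.org',   'moodle.example.org',   'moodle.example.org'],
    ['-bad.host',            '',                     ''],
    ['host name',            'hostname',             'hostname'],   // space stripped by preg_replace
];

$failures = 0;
foreach ($samples as [$input, $expectOriginal, $expectFixed]) {
    $gotOriginal = clean_host($input, false);
    $gotFixed    = clean_host($input, true);
    $ok = ($gotOriginal === $expectOriginal) && ($gotFixed === $expectFixed);
    $failures += $ok ? 0 : 1;
    printf("%-22s original=%-22s fixed=%-22s %s\n",
        var_export($input, true), var_export($gotOriginal, true),
        var_export($gotFixed, true), $ok ? 'ok' : 'MISMATCH');
}
exit($failures === 0 ? 0 : 1);
```

The table makes the two failure modes visible in one run: the row for 26.0.0.1 is the case the description calls a valid address returning an empty string, and the row for 10.999.1.1 is the unchecked second octet slipping through, which only the corrected indices catch.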
- is duplicated by MDL-80261 PARAM_HOST - wrong cleaning (Closed)