Moodle - MDL-78311

Error in IP validation code returning an empty string when a valid IP is passed as a parameter


      In the provided code, there is a bug that causes it to return an empty string when a valid IP address is passed as a parameter to the $param variable. The code is intended to allow both Fully Qualified Domain Names (FQDN) and IPv4 addresses in dotted quad format. However, there is a logical error in the validation of IP addresses.

      The error occurs in the code block that attempts to confirm if the input string is a valid IP address. If the string matches the pattern of an IP address, it checks if each of the dot-separated number groups is greater than 255. However, the index used to check the number groups is incorrect. It should iterate over indices 1, 2, 3, and 4 of the $match array to verify each octet of the IP address.

      As a result of this bug, when a valid IP address is passed with one or more number groups greater than 255, the code assigns an empty string to the $param variable, indicating an incorrect outcome.

      ../moodle/lib/moodlelib.php:1060

              case PARAM_HOST:
                  // Allow FQDN or IPv4 dotted quad.
                  $param = preg_replace('/[^\.\d\w-]/', '', (string)$param );
                  // Match ipv4 dotted quad.
                  if (preg_match('/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/', $param, $match)) {
                      // Confirm values are ok.

      –               if ( $match[0] > 255
      --                     || $match[1] > 255
      ++                if ( $match[1] > 255
      ++                     || $match[2] > 255
                           || $match[3] > 255
                           || $match[4] > 255 )

                      {
                          // Hmmm, what kind of dotted quad is this?
                          $param = '';
                      }

                  } else if ( preg_match('/^[\w\d\.-]+$/', $param) // Dots, hyphens, numbers.
                             && !preg_match('/^[\.-]/',  $param) // No leading dots/hyphens.
                             && !preg_match('/[\.-]$/',  $param) // No trailing dots/hyphens.
                             )

                  {
                      // All is ok - $param is respected.
                  } else {
                      // All is not ok...
                      $param = '';
                  }

                  return $param;
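Review bot: the index change is right ($match[0] is the whole "a.b.c.d" match, so the second octet in $match[2] was never compared against 255), but the pattern on the `preg_match('/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/', $param, $match)` line is still unanchored, so any string that merely contains a dotted quad takes this branch and `return $param;` hands it back untouched: inputs such as `1.2.3.4.5` or `-1.2.3.4.` pass the four octet checks and never reach the leading/trailing dot-and-hyphen checks of the FQDN branch. Anchor the pattern with `^` and `$` (or use `filter_var($param, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)`) so that the IPv4 branch only accepts a string that is exactly a dotted quad.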

      All versions of Moodle are affected, from 1.9x to 4.2.x.
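The following is an added example, not Moodle's code and not part of this report: a stand-alone PHP reimplementation of the PARAM_HOST branch quoted above, run once with the original `$match[0]`/`$match[1]` indices and once with the corrected `$match[1]`..`$match[4]` indices, over a constructed set of inputs. It makes visible which octet the original comparison never examined (the second one), and, because the dotted-quad pattern is unanchored in both variants, that an input like `1.2.3.4.5` is returned unchanged by both. The function name `clean_host` and the input list are this example's own.

```php
<?php
// Added example (not Moodle's clean_param()): the PARAM_HOST logic from
// lib/moodlelib.php reimplemented as a function, switchable between the
// original octet indices and the corrected ones.

function clean_host(string $param, bool $fixed): string {
    // Strip anything that is not a dot, digit, word character or hyphen.
    $param = preg_replace('/[^\.\d\w-]/', '', $param);

    // Unanchored, exactly as on the page: matches a dotted quad anywhere in $param.
    if (preg_match('/(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/', $param, $match)) {
        // Original: compares $match[0] (the whole "a.b.c.d" match) and $match[1],
        // so $match[2], the second octet, is never checked.
        // Fixed: compares the four captured octets $match[1]..$match[4].
        $octets = $fixed
            ? [$match[1], $match[2], $match[3], $match[4]]
            : [$match[0], $match[1], $match[3], $match[4]];
        foreach ($octets as $octet) {
            if ($octet > 255) {
                return ''; // "Hmmm, what kind of dotted quad is this?"
            }
        }
        return $param; // Returned as-is, including anything around the quad.
    }

    // FQDN branch: dots, hyphens, word characters; no leading/trailing dot or hyphen.
    if (preg_match('/^[\w\d\.-]+$/', $param)
        && !preg_match('/^[\.-]/', $param)
        && !preg_match('/[\.-]$/', $param)) {
        return $param;
    }
    return '';
}

// Constructed inputs for this example. '1.300.1.1' puts the out-of-range
// value in the octet the original code never compared.
$inputs = [
    '192.168.1.1',        // valid quad: kept by both
    '1.300.1.1',          // second octet > 255: only the fix rejects it
    '300.1.1.1',          // first octet > 255: both reject it
    '1.1.1.300',          // fourth octet > 255: both reject it
    '1.2.3.4.5',          // unanchored match: both keep the whole string
    'moodle.example.org', // FQDN branch: kept
    '-bad.example.org',   // leading hyphen: FQDN branch rejects it
];

printf("%-20s %-20s %s\n", 'input', 'original', 'fixed');
foreach ($inputs as $in) {
    printf("%-20s %-20s %s\n",
        $in,
        var_export(clean_host($in, false), true),
        var_export(clean_host($in, true), true));
}
```

Run with `php clean_host.php`; the `1.300.1.1` row is the one where the two columns differ, and the `1.2.3.4.5` row shows that the index fix alone does not make the IPv4 branch strict.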

            pholden Paul Holden
            rdrcti Ricardo Díaz
            Andrew Lyons Andrew Lyons
            Jun Pataleta Jun Pataleta
            CiBoT CiBoT
            Votes: 24
            Watchers: 19