r20375 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r20374‎ \| r20375 \| r20376 >
Date:	21:37, 12 March 2007
Author:	aaron
Status:	old
Tags:
Comment:	*IPv6 sanitizing, avoid use of native hex functions, enlarge ip box for blockip a bit
Modified paths:	/trunk/phase3/includes/Block.php (modified) (history) /trunk/phase3/includes/IP.php (modified) (history) /trunk/phase3/includes/SpecialBlockip.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/SpecialBlockip.php
—	—	@@ -113,7 +113,7 @@
114	114	<tr>
115	115	<td align=\"right\">{$mIpaddress}:</td>
116	116	<td align=\"left\">
117		~~- " . Xml::input( 'wpBlockAddress', 40, $this->BlockAddress,~~
	117	+ " . Xml::input( 'wpBlockAddress', 45, $this->BlockAddress,
118	118	array(
119	119	'tabindex' => '1',
120	120	'id' => 'mw-bi-target',
—	—	@@ -136,14 +136,14 @@
137	137	<tr id='wpBlockOther'>
138	138	<td align=\"right\">{$mIpbother}:</td>
139	139	<td align=\"left\">
140		~~- " . Xml::input( 'wpBlockOther', 40, $this->BlockOther,~~
	140	+ " . Xml::input( 'wpBlockOther', 45, $this->BlockOther,
141	141	array( 'tabindex' => '3', 'id' => 'mw-bi-other' ) ) . "
142	142	</td>
143	143	</tr>
144	144	<tr>
145	145	<td align=\"right\">{$mIpbreason}:</td>
146	146	<td align=\"left\">
147		~~- " . Xml::input( 'wpBlockReason', 40, $this->BlockReason,~~
	147	+ " . Xml::input( 'wpBlockReason', 45, $this->BlockReason,
148	148	array( 'tabindex' => '3', 'id' => 'mw-bi-reason' ) ) . "
149	149	</td>
150	150	</tr>
—	—	@@ -200,7 +200,7 @@
201	201	$userId = 0;
202	202	$this->BlockAddress = trim( $this->BlockAddress );
203	203	# Expand valid IPv6 addresses, usernames are left as is
204		~~- $this->BlockAddress = IP::expandIP( $this->BlockAddress );~~
	204	+ $this->BlockAddress = IP::sanitizeIP( $this->BlockAddress );
205	205	# isIPv4() and IPv6() are used for final validation
206	206	$rxIP4 = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
207	207	$rxIP6 = '\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}';
Index: trunk/phase3/includes/Block.php
—	—	@@ -27,7 +27,7 @@
28	28	{
29	29	$this->mId = 0;
30	30	# Expand valid IPv6 addresses
31		~~- $address = IP::expandIP( $address );~~
	31	+ $address = IP::sanitizeIP( $address );
32	32	$this->mAddress = $address;
33	33	$this->mUser = $user;
34	34	$this->mBy = $by;
—	—	@@ -176,7 +176,8 @@
177	177	/**
178	178	* Fill in member variables from a result wrapper
179	179	*/
180		~~- function loadFromResult( ResultWrapper $res, $killExpired = true ) {~~
	180	+ function loadFromResult( ResultWrapper $res, $killExpired = true )
	181	+ {
181	182	$ret = false;
182	183	if ( 0 != $res->numRows() ) {
183	184	# Get first block
Index: trunk/phase3/includes/IP.php
—	—	@@ -82,7 +82,7 @@
83	83	*/
84	84	public function toUnsigned6( $ip ) {
85	85	if ( !$ip ) return null;
86		~~- $ip = explode(':', self::expandIP( $ip ) );~~
	86	+ $ip = explode(':', self::sanitizeIP( $ip ) );
87	87	$r_ip = '';
88	88	foreach ($ip as $v) {
89	89	$r_ip .= wfBaseConvert( $v, 16, 2, 16);
—	—	@@ -95,10 +95,12 @@
96	96	* @param $ip octet ipv6 IP address.
97	97	* @return string
98	98	*/
99		~~- public function expandIP( $ip ) {~~
	99	+ public function sanitizeIP( $ip ) {
100	100	if ( !$ip ) return null;
101	101	// Only IPv6 addresses can be expanded
102	102	if ( !self::isIPv6( $ip ) ) return $ip;
	103	+ // Convert to upper case
	104	+ $ip = strtoupper( $ip );
103	105	// Expand zero abbreviations
104	106	if ( substr_count($ip, '::') ) {
105	107	$ip = str_replace('::', str_repeat(':0000', 8 - substr_count($ip, ':')) . ':', $ip);
—	—	@@ -112,14 +114,13 @@
113	115	* @return string
114	116	*/
115	117	public function toOctet( $ip_int ) {
116		~~- $ip_int = strval($ip_int);~~
117	118	// Convert integer to binary
118	119	$ip_int = wfBaseConvert($ip_int, 10, 2, 128);
119	120	// Seperate into 8 octets
120		~~- $ip_oct = base_convert( substr( $ip_int, 0, 16 ), 2, 16 );~~
	121	+ $ip_oct = wfBaseConvert( substr( $ip_int, 0, 16 ), 2, 16, 1, false );
121	122	for ($n=1; $n < 8; $n++) {
122	123	// Convert to hex, and add ":" marks
123		~~- $ip_oct .= ':' . base_convert( substr($ip_int, 16*$n, 16), 2, 16 );~~
	124	+ $ip_oct .= ':' . wfBaseConvert( substr($ip_int, 16*$n, 16), 2, 16, 1, false );
124	125	}
125	126	return $ip_oct;
126	127	}
—	—	@@ -129,7 +130,8 @@
130	131	* @return array(string, int)
131	132	*/
132	133	public static function parseCIDR6( $range ) {
133		~~- $parts = explode( '/', $range, 2 );~~
	134	+ # Expand any IPv6 IP
	135	+ $parts = explode( '/', IP::sanitizeIP( $range ), 2 );
134	136	if ( count( $parts ) != 2 ) {
135	137	return array( false, false );
136	138	}
—	—	@@ -166,14 +168,21 @@
167	169	* @return array(string, int)
168	170	*/
169	171	public static function parseRange6( $range ) {
	172	+ # Expand any IPv6 IP
	173	+ $range = IP::sanitizeIP( $range );
170	174	if ( strpos( $range, '/' ) !== false ) {
171	175	# CIDR
172	176	list( $network, $bits ) = self::parseCIDR6( $range );
173	177	if ( $network === false ) {
174	178	$start = $end = false;
175	179	} else {
176		~~- $start = sprintf( '%08X', $network );~~
177		~~- $end = sprintf( '%08X', $network + pow( 2, (128 - $bits) ) - 1 );~~
	180	+ $start = wfBaseConvert( $network, 10, 16, 1, false );
	181	+ # Turn network to binary (again)
	182	+ $end = wfBaseConvert( $network, 10, 2, 128 );
	183	+ # Truncate the last (128-$bits) bits and replace them with ones
	184	+ $end = str_pad( substr( $end, 0, $bits ), 128, 1, STR_PAD_RIGHT );
	185	+ # Convert to hex
	186	+ $end = wfBaseConvert( $end, 2, 16, 1, false );
178	187	}
179	188	} elseif ( strpos( $range, '-' ) !== false ) {
180	189	# Explicit range
—	—	@@ -182,8 +191,8 @@
183	192	if ( $start > $end ) {
184	193	$start = $end = false;
185	194	} else {
186		~~- $start = sprintf( '%08X', $start );~~
187		~~- $end = sprintf( '%08X', $end );~~
	195	+ $start = wfBaseConvert( $start, 10, 16, 1, false );
	196	+ $end = wfBaseConvert( $end, 10, 16, 1, false );
188	197	}
189	198	} else {
190	199	# Single IP
—	—	@@ -191,7 +200,7 @@
192	201	}
193	202	if ( $start === false \|\| $end === false ) {
194	203	return array( false, false );
195		~~- } else {~~
	204	+ } else {
196	205	return array( $start, $end );
197	206	}
198	207	}
—	—	@@ -283,7 +292,7 @@
284	293	// Use IPv6 functions if needed
285	294	$n = ( self::isIPv6($ip) ) ? self::toUnsigned6( $ip ) : self::toUnsigned( $ip );
286	295	if ( $n !== false ) {
287		~~- $n = sprintf( '%08X', $n );~~
	296	+ $n = wfBaseConvert( $n, 10, 16, 1, false );
288	297	}
289	298	return $n;
290	299	}