BugTrack/2304

[proxy.php] Regular expression parity check incorrect for in_the_net†

ページ: BugTrack2
投稿者: JordanC
優先順位: 低
状態: 却下
カテゴリー: 本体バグ
投稿日: 2008-04-24 (木) 03:49:44
バージョン:

メッセージ†

Because the regular expression used as PKWK_CIDR_NETWORK_REGEX is the following:

"/^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(?:\/([0-9.]+))?$/"

Which shorthands to:

"/^((\d{1,3}){4})(?:\/([0-9.]+))?$/"

An invalid IP address can be used in this check, but it's somewhat of a limitation of brackets for recursion. The following IP addresses are valid with the above regular expression as \d refers to numeric data.

The following IP addresses are valid with the regular expression used:

999.999.999.999
090.090.090.090
000.000.000.000

Again, it's not a HUGE thing but it will throw an error and waste processing time when ip2long is called and the (erroneous) IP address is used.

Regards,

A regex which will correct this is, of course - "\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b" :) -- JordanC 2008-04-24 (木) 03:53:23
Probably could reduce that to.. "((2[0-5][0-5]|1[0-9][0-9])\.){3}((2[0-5][0-5]|1[0-9][0-9])\.?){1}" -- JordanC 2008-04-24 (木) 04:02:30
Yeah, these are just rough, for addresses like 127.0.0.1 due to the minimums and all that. Haven't got a regex checker here, folks :( -- JordanC 2008-04-24 (木) 04:04:36

total:
today:
yesterday:
now: 1

[proxy.php] Regular expression parity check incorrect for in_the_net†

メッセージ†

最新の16件