Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.3.0b4

Bug #23737 checkIPv6 validates IPv6 addresses with invalid charactes
Submitted: 2018-02-13 23:37 UTC
From: astpear Assigned: am
Status: Assigned Package: Net_IPv6 (version 1.3.0b3)
PHP Version: 5.6.32 OS: RHEL 6.5
Roadmaps: (Not assigned)    
Subscription  


 [2018-02-13 23:37 UTC] astpear (as toth)
Description: ------------ '2001:4998:c:6d02::/64' will pass checkIPv6 because the invalid segment contains hexadecimal characters. This logic: if(!preg_match('/[0-9a-fA-F]*/', $element)) { should probably apply to $ip and search for invalid, rather than valid, characters. if(preg_match('/[^:0-9a-fA-F]+/', $ip)) { return false; } Rather than searching for invalid characters it searches for valid characters Test script: --------------- require_once 'Net/IPv6.php'; $ip = '2001:4998:c:6d02::/64'; if (Net_IPv6::checkIPv6($ip)) { echo "pass\n"; } Expected result: ---------------- I expect no output. Actual result: -------------- I get "pass."

Comments

 [2018-02-14 21:18 UTC] alexmerz (Alexander Merz)
-Status: Open +Status: Assigned -Assigned To: +Assigned To: am
 [2018-02-18 10:28 UTC] alexmerz (Alexander Merz)
Would you please expand on which part of the address is supposed to be invalid and why? 'c' and '6d02' contain both valid hex characters.