From ceb77fa9a841ba950dd27f634d1d6399ff207e03 Mon Sep 17 00:00:00 2001 From: Cole Smith Date: Fri, 3 May 2024 14:56:39 +0000 Subject: [PATCH] OP#279 IP lookups in /8 range abort DBReader will now abort when looking up an IP in the /8 range --- src/IPQualityScore/DB/DBReader.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/IPQualityScore/DB/DBReader.php b/src/IPQualityScore/DB/DBReader.php index 39dd72f..4958669 100644 --- a/src/IPQualityScore/DB/DBReader.php +++ b/src/IPQualityScore/DB/DBReader.php @@ -45,6 +45,14 @@ public function Fetch($ip){ throw new FileReaderException("Attemtped to look up IPv6 using IPv4 database file. Aborting."); } + list(, $subnet, ) = explode('/', "0.0.0.0/8"); + $incomingIP = ip2long($ip); + if (ip2long($subnet) <= $incomingIP && $incomingIP <= ip2long('255.255.255.255')) { + // ip is in acceptable range + } else { + throw new Exception("Attempted to look up ip in 0.0.0.0/8 range. Aborting."); + } + $position = 0; $previous = array(); $literal = $this->IP2Literal($ip);