[KVE-2025-0351]ip 검증 취약점 수정

2025-05-28 10:57:09 +09:00
parent c9100d2e38
commit 61576d3e87
1 changed files with 3 additions and 9 deletions
--- a/lib/common.lib.php
+++ b/lib/common.lib.php
@ -4115,15 +4115,9 @@ function safe_replace_regex($str, $str_case=''){
    return preg_replace('/[^0-9a-z_\-]/i', '', $str);
 }

-function get_real_client_ip(){
-
-    $real_ip = $_SERVER['REMOTE_ADDR'];
-
-    if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_SERVER['HTTP_X_FORWARDED_FOR']) ){
-        $real_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
-    }
-
-    return preg_replace('/[^0-9.]/', '', $real_ip);
+function get_real_client_ip() {
+    
+    return run_replace('get_real_client_ip', $_SERVER['REMOTE_ADDR']);
 }

 function check_mail_bot($ip=''){