firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

[KVE-2025-0351]ip 검증 취약점 수정

Browse Source
This commit is contained in:
thisgun
2025-05-28 10:57:09 +09:00
parent c9100d2e38
commit 61576d3e87
1 changed files with 3 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/common.lib.php
View File

@ -4117,13 +4117,7 @@ function safe_replace_regex($str, $str_case=''){
function get_real_client_ip() { function get_real_client_ip() {
$real_ip = $_SERVER['REMOTE_ADDR']; return run_replace('get_real_client_ip', $_SERVER['REMOTE_ADDR']);
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\z/', $_SERVER['HTTP_X_FORWARDED_FOR']) ){
$real_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
return preg_replace('/[^0-9.]/', '', $real_ip);
} }
function check_mail_bot($ip=''){ function check_mail_bot($ip=''){