diff options
| author | Ferdinand Thiessen <opensource@fthiessen.de> | 2024-01-29 16:19:51 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-29 16:19:51 +0100 |
| commit | 85978593fea8330c498a05781a54727c735f9f3b (patch) | |
| tree | a701d6a382789735bd360c4cd38c36592caa7fe6 /lib/private/AppFramework | |
| parent | c1e5ebaed578b655ea5a54ea848b19ad5147815a (diff) | |
| parent | 7620d230df8756a9c439c4acbd756fbeae9345f7 (diff) | |
| download | nextcloud-server-85978593fea8330c498a05781a54727c735f9f3b.tar.gz nextcloud-server-85978593fea8330c498a05781a54727c735f9f3b.zip | |
Merge pull request #42794 from nextcloud/fix/invalid-trusted-proxies
fix(Request): Catch exceptions in `isTrustedProxy`
Diffstat (limited to 'lib/private/AppFramework')
| -rw-r--r-- | lib/private/AppFramework/Http/Request.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/private/AppFramework/Http/Request.php b/lib/private/AppFramework/Http/Request.php index 07ca08391f4..e913c83fa8d 100644 --- a/lib/private/AppFramework/Http/Request.php +++ b/lib/private/AppFramework/Http/Request.php @@ -573,7 +573,14 @@ class Request implements \ArrayAccess, \Countable, IRequest { * @return boolean true if $remoteAddress matches any entry in $trustedProxies, false otherwise */ protected function isTrustedProxy($trustedProxies, $remoteAddress) { - return IpUtils::checkIp($remoteAddress, $trustedProxies); + try { + return IpUtils::checkIp($remoteAddress, $trustedProxies); + } catch (\Throwable) { + // We can not log to our log here as the logger is using `getRemoteAddress` which uses the function, so we would have a cyclic dependency + // Reaching this line means `trustedProxies` is in invalid format. + error_log('Nextcloud trustedProxies has malformed entries'); + return false; + } } /** |