[BUGFIX] Make StatisticsWriterProcessor::applyIpMask more robust (#1841)

This pr: * Makes the method StatisticsWriterProcessor::applyIpMask more robust by casting the arguments to the expected value before Fixes: #1831
TYPO3-Solr · Feb 16, 2018 · 8aa101a · 8aa101a
1 parent ee45cd6
commit 8aa101a
Showing 1 changed file with 44 additions and 20 deletions.
diff --git a/Classes/Domain/Search/Statistics/StatisticsWriterProcessor.php b/Classes/Domain/Search/Statistics/StatisticsWriterProcessor.php
@@ -71,7 +71,7 @@ public function process(SearchResultSet $resultSet) {
         $filters = $searchRequest->getActiveFacets();
         $sorting = $this->sanitizeString($searchRequest->getSorting());
         $page = (int)$searchRequest->getPage();
-        $ipMaskLength = $configuration->getStatisticsAnonymizeIP();
+        $ipMaskLength = (int)$configuration->getStatisticsAnonymizeIP();
 
         $TSFE = $this->getTSFE();
         $statisticData = [
@@ -86,7 +86,7 @@ public function process(SearchResultSet $resultSet) {
             'time_processing' => isset($response->debug->timing->process->time) ? $response->debug->timing->process->time : 0,
             'feuser_id' => (int)$TSFE->fe_user->user['uid'],
             'cookie' => $TSFE->fe_user->id,
-            'ip' => $this->applyIpMask($this->getUserIp(), $ipMaskLength),
+            'ip' => $this->applyIpMask((string)$this->getUserIp(), $ipMaskLength),
             'page' => (int)$page,
             'keywords' => $keywords,
             'filters' => serialize($filters),
@@ -139,29 +139,53 @@ protected function sanitizeString($string)
      * @param int $maskLength Number of octets to reset
      * @return string
      */
-    protected function applyIpMask($ip, $maskLength)
+    protected function applyIpMask(string $ip, int $maskLength): string
     {
+        if (empty($ip) || $maskLength === 0) {
+            return $ip;
+        }
+
         // IPv4 or mapped IPv4 in IPv6
         if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
-            $i = strlen($ip);
-            if ($maskLength > $i) {
-                $maskLength = $i;
-            }
-
-            while ($maskLength-- > 0) {
-                $ip[--$i] = chr(0);
-            }
-        } else {
-            $masks = [
-                'ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff',
-                'ffff:ffff:ffff:ffff::',
-                'ffff:ffff:ffff:0000::',
-                'ffff:ff00:0000:0000::'
-            ];
-            return $ip & pack('a16', inet_pton($masks[$maskLength]));
+            return $this->applyIpV4Mask($ip, $maskLength);
+        }
+
+        return $this->applyIpV6Mask($ip, $maskLength);
+    }
+
+    /**
+     * Apply a mask filter on the ip v4 address.
+     *
+     * @param string $ip
+     * @param int $maskLength
+     * @return string
+     */
+    protected function applyIpV4Mask($ip, $maskLength)
+    {
+        $i = strlen($ip);
+        if ($maskLength > $i) {
+            $maskLength = $i;
         }
 
-        return $ip;
+        while ($maskLength-- > 0) {
+            $ip[--$i] = chr(0);
+        }
+        return (string)$ip;
+    }
+
+    /**
+     * Apply a mask filter on the ip v6 address.
+     *
+     * @param string $ip
+     * @param int $maskLength
+     * @return int
+     */
+    protected function applyIpV6Mask($ip, $maskLength):int
+    {
+        $masks = ['ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff', 'ffff:ffff:ffff:ffff::', 'ffff:ffff:ffff:0000::', 'ffff:ff00:0000:0000::'];
+        $packedAddress = inet_pton($masks[$maskLength]);
+        $binaryString = pack('a16', $packedAddress);
+        return (string)($ip & $binaryString);
     }
 
     /**