From 2d055eea300ce36cb47ae187fdb23af8af17a3f4 Mon Sep 17 00:00:00 2001 From: Umherirrender Date: Wed, 14 Jun 2023 20:42:45 +0200 Subject: [PATCH] block: Normalize ip in DatabaseBlock::doAutoblock When using $wgPutIPinRC the ip from rc_ip is used, which is stored as ::1, but blocks working with 0:0:0:0:0:0:0:1, so parse the ip with the BlockUtils::parseBlockTarget and use that value. Also reject possible invalid types, as this is a public function and may called with something not wanted. The ip given via User::spreadAnyEditBlock is also ::1 and the autoblock would be inserted, when also a regular ip block exists against ::1 Change-Id: I9c1f429a7b0ff9b2274b72c46bf850d9db9492cd --- includes/block/DatabaseBlock.php | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/includes/block/DatabaseBlock.php b/includes/block/DatabaseBlock.php index b3a4742c788..5d849f1dea8 100644 --- a/includes/block/DatabaseBlock.php +++ b/includes/block/DatabaseBlock.php @@ -564,7 +564,7 @@ class DatabaseBlock extends AbstractBlock { * Autoblocks the given IP, referring to this block. * * @param string $autoblockIP The IP to autoblock. - * @return int|bool ID if an autoblock was inserted, false if not. + * @return int|false ID if an autoblock was inserted, false if not. */ public function doAutoblock( $autoblockIP ) { # If autoblocks are disabled, go away. @@ -572,14 +572,22 @@ class DatabaseBlock extends AbstractBlock { return false; } + $services = MediaWikiServices::getInstance(); + [ $target, $type ] = $services->getBlockUtils() + ->parseBlockTarget( $autoblockIP ); + if ( $type != self::TYPE_IP ) { + wfDebug( "Autoblock not supported for ip ranges." ); + return false; + } + $target = (string)$target; + # Check if autoblock exempt. - if ( self::isExemptedFromAutoblocks( $autoblockIP ) ) { + if ( self::isExemptedFromAutoblocks( $target ) ) { return false; } - $services = MediaWikiServices::getInstance(); # Allow hooks to cancel the autoblock. - if ( !( new HookRunner( $services->getHookContainer() ) )->onAbortAutoblock( $autoblockIP, $this ) ) { + if ( !( new HookRunner( $services->getHookContainer() ) )->onAbortAutoblock( $target, $this ) ) { wfDebug( "Autoblock aborted by hook." ); return false; } @@ -594,7 +602,7 @@ class DatabaseBlock extends AbstractBlock { $res = $dbr->select( $blockQuery['tables'], $blockQuery['fields'], - [ 'ipb_address' => $autoblockIP ], + [ 'ipb_address' => $target ], __METHOD__, [], $blockQuery['joins'] @@ -632,8 +640,8 @@ class DatabaseBlock extends AbstractBlock { # Make a new block object with the desired properties. $autoblock = new DatabaseBlock( [ 'wiki' => $this->getWikiId() ] ); - wfDebug( "Autoblocking {$this->getTargetName()}@" . $autoblockIP ); - $autoblock->setTarget( UserIdentityValue::newAnonymous( $autoblockIP, $this->getWikiId() ) ); + wfDebug( "Autoblocking {$this->getTargetName()}@" . $target ); + $autoblock->setTarget( UserIdentityValue::newAnonymous( $target, $this->getWikiId() ) ); $autoblock->setBlocker( $blocker ); $autoblock->setReason( wfMessage(