Thanks to visit codestin.com
Credit goes to github.com

Skip to content

TRUSTED_PROXIES parsing fails when using php 8.3 #58642

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
NeilWhitworth opened this issue Oct 23, 2024 · 1 comment
Closed

TRUSTED_PROXIES parsing fails when using php 8.3 #58642

NeilWhitworth opened this issue Oct 23, 2024 · 1 comment
Labels
Bug Status: Needs Review

Comments

@NeilWhitworth
Copy link

NeilWhitworth commented Oct 23, 2024
edited by derrabus
Loading

Symfony version(s) affected

6.4+

Description

When using a TRUSTED_PROXIES with a netmask (i.e. 192.168.1.0/24) and php 8.3 every request fails with an exception

Uncaught PHP Exception TypeError: "substr_compare(): Argument #4 ($length) must be of type ?int, string given" at IpUtils.php line 105

How to reproduce

Symfony 6.4 project using php 8.3 and TRUSTED_PROXIES configured with a IP range (i.e. 192.168.1.0/24)

Possible Solution

Cast the extracted netmask from string to int

Additional Context

Full stack trace

Uncaught PHP Exception TypeError: "substr_compare(): Argument #4 ($length) must be of type ?int, string given" at IpUtils.php line 105 {"exception":"[object] (TypeError(code: 0): substr_compare(): Argument #4 ($length) must be of type ?int, string given at C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-foundation\\IpUtils.php:105)
[stacktrace]
#0 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-foundation\\IpUtils.php(105): substr_compare()
#1 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-foundation\\IpUtils.php(59): Symfony\\Component\\HttpFoundation\\IpUtils::checkIp4()
#2 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-foundation\\Request.php(1999): Symfony\\Component\\HttpFoundation\\IpUtils::checkIp()
#3 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-foundation\\Request.php(1109): Symfony\\Component\\HttpFoundation\\Request->isFromTrustedProxy()
#4 C:\\Riviera\\SYS\\MV3\\vendor\\nelmio\\security-bundle\\src\\EventListener\\ForcedSslListener.php(58): Symfony\\Component\\HttpFoundation\\Request->isSecure()
#5 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\event-dispatcher\\EventDispatcher.php(260): Nelmio\\SecurityBundle\\EventListener\\ForcedSslListener->onKernelRequest()
#6 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\event-dispatcher\\EventDispatcher.php(220): Symfony\\Component\\EventDispatcher\\EventDispatcher::Symfony\\Component\\EventDispatcher\\{closure}()
#7 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\event-dispatcher\\EventDispatcher.php(56): Symfony\\Component\\EventDispatcher\\EventDispatcher->callListeners()
#8 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-kernel\\HttpKernel.php(157): Symfony\\Component\\EventDispatcher\\EventDispatcher->dispatch()
#9 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-kernel\\HttpKernel.php(76): Symfony\\Component\\HttpKernel\\HttpKernel->handleRaw()
#10 C:\\Riviera\\SYS\\MV3\\vendor\\symfony\\http-kernel\\Kernel.php(197): Symfony\\Component\\HttpKernel\\HttpKernel->handle()
#11 C:\\Riviera\\SYS\\MV3\\public\\index.php(46): Symfony\\Component\\HttpKernel\\Kernel->handle()
#12 C:\\Riviera\\SYS\\MV3\\vendor\\autoload_runtime.php(24): {closure}()
#13 C:\\Riviera\\SYS\\MV3\\config\\bootstrap.php(5): require_once('...')
#14 C:\\Riviera\\SYS\\MV3\\public\\index.php(7): require('...')
@NeilWhitworth
Copy link
Author

After some further digging this looks to have been caused by a long standing configuration issue, which has only surfaced after a switch to symfony 6.4/php8.3

The TUSTED_PROXIES was getting (incorrectly) set to a value like 192.168.1.0/24 192.168.2.0/24 (note the space separator) instead of an array of [192.168.1.0/24, 192.168.2.0/24].

This resulted in IpUtils::checkIp4 parsing the ip/netmask as 192.168.1.0 and 24 192.168.2.0/24 respectively

@NeilWhitworth NeilWhitworth closed this as not planned Won't fix, can't repro, duplicate, stale Oct 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Status: Needs Review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@NeilWhitworth @carsonbot