diff --git a/Tests/spfcheckTest.php b/Tests/spfcheckTest.php index 154ac16..30bad15 100644 --- a/Tests/spfcheckTest.php +++ b/Tests/spfcheckTest.php @@ -196,6 +196,18 @@ class spfcheckTest extends PHPUnit_Framework_TestCase "mx" => array ()))); } + public function test_wideIPRange () + { + $spfcheck = new spfcheck (); + $spfcheck->getRecords ("wide.spf.tester.fournier38.fr"); + $res = $spfcheck->getErrors (); + $this->assertSame ($res, + array ("wide.spf.tester.fournier38.fr" => array ( + "ip4:213.131.32.0/2" => "Invalid ip4 set for domain 'wide.spf.tester.fournier38.fr' : Mask '/2' too wide", + "ip6:2001::/20" => "Invalid ip6 set for domain 'wide.spf.tester.fournier38.fr' : Mask '/20' too wide" + ))); + } + public function test_getRecords_Unknown () { $spfcheck = new spfcheck (); diff --git a/spfcheck.php b/spfcheck.php index ce557ad..f1da9aa 100644 --- a/spfcheck.php +++ b/spfcheck.php @@ -320,6 +320,15 @@ class spfcheck $domain, $ext); continue; } + if ($mask !== "" && + filter_var ($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && + substr ($mask, 1) < 16) + { + $this->errors[$domain][$part] = sprintf (dgettext ("domframework", + "Invalid ip4 set for domain '%s' : Mask '%s' too wide"), + $domain, $mask); + continue; + } $ips[$domain][$part][] = $ip.$mask; } // }}} @@ -343,6 +352,15 @@ class spfcheck $domain, $ext); continue; } + if ($mask !== "" && + filter_var ($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && + substr ($mask, 1) < 64) + { + $this->errors[$domain][$part] = sprintf (dgettext ("domframework", + "Invalid ip6 set for domain '%s' : Mask '%s' too wide"), + $domain, $mask); + continue; + } $ips[$domain][$part][] = $ip.$mask; } // }}}