login-security-solution

Opened 5 years ago

Closed 5 years ago

#1553 closed defect (fixed)

get_login_fail: Similar IP addresses incorrectly grouped

Reported by: deanmarktaylor
Owned by: convissor
Priority: normal
Severity: major
Plugin: login-security-solution
Keywords: sql, query, ip address, wildcard, match, ip, address, login, fail, match
Cc:

Description

In the get_login_fail function the query uses a LIKE wildcard search; currently the query would incorrectly match all of the following IP addresses as being from the same network:

  • 192.168.1.100
  • 192.168.100.22
  • 192.168.12.1

This is because matching is done without an anchor: instead of passing 192.168.1 to the search, 192.168.1. should be passed. Note the additional . (period) at the end.

In the get_login_fail function, the $network_ip passed in is in one of the following forms:

  • Empty string (get_network_ip and other upstream functions return a zero-length string in the case of an error, the IP being unavailable, etc.)
  • IPv4: a.b.c, e.g. 127.0.0, 192.168.10
  • IPv6: xxxx:xxxx:xxxx:xxxx, e.g. fdfe:dcba:9876:ffff

Any change must handle all 3 of these forms.

This is considered major severity considering it directly relates to the main functionality of this plugin.
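The grouping bug and the anchored fix described in this ticket, shown as an added example that is not the plugin's code: it replays the three $network_ip forms the reporter lists (empty string, IPv4 a.b.c, IPv6 xxxx:xxxx:xxxx:xxxx) against an in-memory SQLite table, first with the unanchored LIKE prefix and then with the trailing separator appended. The table name login_fail, the sample rows, the helper names and the LIKE-escaping step are assumptions made for this example, not details taken from the plugin.

```python
import sqlite3

# Constructed sample rows for the example; not data from the plugin's table.
SAMPLE_FAILS = [
    "192.168.1.100",                # in 192.168.1.0/24
    "192.168.100.22",               # NOT in 192.168.1.0/24, but starts with "192.168.1"
    "192.168.12.1",                 # same problem
    "10.0.0.5",
    "fdfe:dcba:9876:ffff::1",       # in fdfe:dcba:9876:ffff::/64
    "fdfe:dcba:9876:ffff:0:0:0:2",  # in fdfe:dcba:9876:ffff::/64
    "fdfe:dcba:9876:fff0::1",       # a different /64
]


def build_db():
    """In-memory stand-in for the plugin's login-failure table (assumed layout)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE login_fail (ip TEXT NOT NULL)")
    conn.executemany("INSERT INTO login_fail (ip) VALUES (?)",
                     [(ip,) for ip in SAMPLE_FAILS])
    return conn


def escape_like(value):
    """Escape LIKE metacharacters so a stored value containing % or _ cannot
    widen the match. The ticket does not discuss this; it is an added precaution."""
    return (value.replace("\\", "\\\\")
                 .replace("%", "\\%")
                 .replace("_", "\\_"))


def network_pattern(network_ip, anchored):
    """Build the LIKE pattern for a $network_ip in one of the three forms.

    Returns None for the empty string (upstream signals error/unavailable that
    way), so the caller never runs a bare '%' that would count every row.
    """
    if network_ip == "":
        return None
    if not anchored:
        return escape_like(network_ip) + "%"      # the reported bug: "192.168.1%"
    sep = ":" if ":" in network_ip else "."       # IPv6 group vs IPv4 octet separator
    return escape_like(network_ip + sep) + "%"    # the fix: "192.168.1.%"


def count_fails(conn, network_ip, anchored=True):
    """Count failures recorded for the network, the way get_login_fail groups them."""
    pattern = network_pattern(network_ip, anchored)
    if pattern is None:
        return 0
    row = conn.execute(
        "SELECT COUNT(*) FROM login_fail WHERE ip LIKE ? ESCAPE '\\'",
        (pattern,),
    ).fetchone()
    return row[0]


if __name__ == "__main__":
    db = build_db()
    for net in ("192.168.1", "fdfe:dcba:9876:ffff", ""):
        print(f"{net!r:24} unanchored={count_fails(db, net, anchored=False)} "
              f"anchored={count_fails(db, net)}")
```

With the sample rows, the unanchored query attributes three failures to 192.168.1 although only one address is actually in that /24, while the anchored query counts one. The IPv6 prefix counts the same either way here because each group is four hex digits, and the empty string yields zero rather than a catch-all pattern.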

Attachments (1)

2012070901 - login-security-solution - fix similar ip address grouping.diff (4.0 KB) - added by deanmarktaylor 5 years ago.
Patch - to fix incorrect IP address grouping (unit tests untested)


Change History (6)

@deanmarktaylor 5 years ago

Patch - to fix incorrect IP address grouping (unit tests untested)

comment:1 @deanmarktaylor 5 years ago

I have attached a patch to fix this problem. It should be noted, however, that although I have written a unit test for this issue I have not run it against the code. I am unable to run the unit tests against my current setup.

comment:2 @deanmarktaylor 5 years ago

  • Summary changed from get_login_fail: Ssimilar IP addresses incorrectly grouped to get_login_fail: Similar IP addresses incorrectly grouped

comment:3 @convissor 5 years ago

  • Resolution set to fixed
  • Status changed from new to closed

Good catch. Realized exactly what the problem was when you showed the first examples. Doh! Fixed in release 0.17.0.

comment:4 @deanmarktaylor 5 years ago

  • Resolution fixed deleted
  • Status changed from closed to reopened

Unexpected line now included in get_login_fail:

$this->log($sql);

comment:5 @convissor 5 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

Gah! Fixed in release 0.19.0.
