ZF-10467: Zend_Validator_EmailAddress check for local/reserved ip addresses doesn't work for 192.* when using deep MX check
Description
When using deep MX check on @umcg.nl which resolves to 192.87.23.73 and 192.87.23.74 the _isReserved function returns false, though the address isn't local or reserved but valid.
Also the function _isReserved does only check the first ip since it uses the function gethostbyname. For instance the hostname mx1.hotmail.com returns 12 host records.
I've rewritten the function using a regex and gethostbynamel so all the ip's will be checked.
/**
* Returns if the given host is reserved
*
* @param string $host
* @return boolean
*/
private function _isReserved($host)
{
if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $host)) {
$hostlist = array($host);
} else {
$hostlist = gethostbynamel($host);
}
if (empty($hostlist)) {
return false;
}
foreach ($hostlist as $host) {
if (!preg_match('/^(0|10|127|128\.0|169\.254|172\.(1[6-9]|2\d|3[01])|191\.255|192\.168|192\.0\.0|192\.0\.2|192\.88\.99|198\.18|198\.19|198\.51\.100|203\.0\.113|223\.255\.255|22[4-9]|2[345]\d)\./', $host)) {
return false;
}
}
return true;
}
Comments
Posted by Thomas Weidner (thomas) on 2011-09-03T16:27:51.000+0000
Fixed in ZF2 with GH-347