nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-08 14:38:15 -05:00
Code

Resolve host to check for private IP address (#812)

Browse Source
This commit is contained in:
Kyle Spearrin 2020-07-07 19:47:12 -04:00 committed by GitHub
parent 7af50172e0
commit 8a46fcd301
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 28 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
src/Icons/Services/IconFetchingService.cs
View File

@ -291,6 +291,13 @@ namespace Bit.Icons.Services
return null; return null;
} }
// Resolve host to make sure it is not an internal/private IP address
var hostEntry = Dns.GetHostEntry(uri.Host);
if (hostEntry?.AddressList.Any(ip => IsInternal(ip)) ?? true)
{
return null;
}
using (var message = new HttpRequestMessage()) using (var message = new HttpRequestMessage())
{ {
message.RequestUri = uri; message.RequestUri = uri;
@ -405,5 +412,26 @@ namespace Bit.Icons.Services
{ {
return uri != null && uri.Scheme == "http" ? "http" : "https"; return uri != null && uri.Scheme == "http" ? "http" : "https";
} }
public static bool IsInternal(IPAddress ip)
{
if (IPAddress.IsLoopback(ip))
{
return true;
}
else if (ip.ToString() == "::1")
{
return false;
}
var bytes = ip.GetAddressBytes();
return (bytes[0]) switch
{
10 => true,
172 => bytes[1] < 32 && bytes[1] >= 16,
192 => bytes[1] == 168,
_ => false,
};
}
} }
} }