OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

MapImage security issue. Compare strings instead of IPAddresses.

0.7.4.1
Diva Canto 2012-04-27 10:39:20 -07:00
parent 292752bb78
commit a9dbe39319
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
OpenSim/Server/Handlers/Map/MapAddServerConnector.cs
View File

@ -133,7 +133,7 @@ namespace OpenSim.Server.Handlers.MapImage
if (r != null) if (r != null)
{ {
System.Net.IPAddress ipAddr = GetCallerIP(httpRequest); System.Net.IPAddress ipAddr = GetCallerIP(httpRequest);
if (r.ExternalEndPoint.Address != ipAddr) if (r.ExternalEndPoint.Address.ToString() != ipAddr.ToString())
{ {
m_log.WarnFormat("[MAP IMAGE HANDLER]: IP address {0} may be trying to impersonate region in IP {1}", ipAddr, r.ExternalEndPoint.Address); m_log.WarnFormat("[MAP IMAGE HANDLER]: IP address {0} may be trying to impersonate region in IP {1}", ipAddr, r.ExternalEndPoint.Address);
return FailureResult("IP address of caller does not match IP address of registered region"); return FailureResult("IP address of caller does not match IP address of registered region");