From 8267e408f0aa46cf15daa559b190395660d0a068 Mon Sep 17 00:00:00 2001
From: Stefan Kalscheuer <stefan@stklcode.de>
Date: Fri, 4 Nov 2022 10:39:23 +0100
Subject: [PATCH] simply regex quantifiers and parse IPs to lowercase
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Use ? instead of {0,1} and {3} instead of {3,3} where applicable.
Number groups [ß-9] are left as is for readability, i.e. prefer
[1-9][0-9] over [1-9]\d.

The whole expression is evaluated case-insensitive now, so we can omit
the "a-fA-F" and simply use "a-f".

Unit-tests extended accordingly.
---
 inc/class-statifyblacklist-admin.php | 12 +++++++++---
 test/StatifyBlacklist_Admin_Test.php |  9 ++++++---
 test/StatifyBlacklist_Test.php       | 14 ++++++++++++++
 3 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/inc/class-statifyblacklist-admin.php b/inc/class-statifyblacklist-admin.php
index 6b207a1..5df5a63 100644
--- a/inc/class-statifyblacklist-admin.php
+++ b/inc/class-statifyblacklist-admin.php
@@ -329,14 +329,20 @@ class StatifyBlacklist_Admin extends StatifyBlacklist {
 	 */
 	private static function sanitize_ips( $ips ) {
 		return array_filter(
-			$ips,
+			array_map( 'strtolower', $ips ),
 			function ( $ip ) {
 				return preg_match(
-					'/^((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/',
+					'/^((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/',
 					$ip
 				) ||
 				preg_match(
-					'/^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/',
+					'/^(([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}|([0-9a-f]{1,4}:){1,7}:|([0-9a-f]{1,4}:){1,6}:[0-9a-f]{1,4}' .
+					'|([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}' .
+					'|([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}' .
+					'|[0-9a-f]{1,4}:((:[0-9a-f]{1,4}){1,6})|:((:[0-9a-f]{1,4}){1,7}|:)' .
+					'|fe80:(:[0-9a-f]{0,4}){0,4}%[0-9a-zA-Z]+|::(ffff(:0{1,4})?:)?((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]' .
+					'|1?[0-9])?[0-9])|([0-9a-f]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3}(25[0-5]|(2[0-4]|1?[0-9])?[0-9]))' .
+					'(\/([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8]))?$/i',
 					$ip
 				);
 			}
diff --git a/test/StatifyBlacklist_Admin_Test.php b/test/StatifyBlacklist_Admin_Test.php
index 4d875fd..3ad9f20 100644
--- a/test/StatifyBlacklist_Admin_Test.php
+++ b/test/StatifyBlacklist_Admin_Test.php
@@ -43,14 +43,17 @@ class StatifyBlacklist_Admin_Test extends PHPUnit\Framework\TestCase {
 			'2001:db8:a0b:12f0::',
 			'2001:db8:a0b:12f0::1',
 			'2001:db8:a0b:12f0::1/128',
-			'2001:db8:a0b:12f0::/64',
+			'2001:DB8:A0B:12F0::/64',
+			'fe80::7645:6de2:ff:1',
+			'::ffff:192.0.2.123',
 		);
 		$invalid = array(
 			'2001:db8:a0b:12f0::x',
 			'2001:db8:a0b:12f0:::',
 			'2001:fffff:a0b:12f0::1',
-			'2001:db8:a0b:12f0::/129',
+			'2001:DB8:A0B:12F0::/129',
 			'1:2:3:4:5:6:7:8:9',
+			'::ffff:12.34.56.789',
 		);
 		$result  = invoke_static( StatifyBlacklist_Admin::class, 'sanitize_ips', array( array_merge( $valid, $invalid ) ) );
 		$this->assertNotFalse( $result );
@@ -59,6 +62,6 @@ class StatifyBlacklist_Admin_Test extends PHPUnit\Framework\TestCase {
 		} else {
 			$this->assertInternalType( 'array', $result );
 		}
-		$this->assertEquals( $valid, $result );
+		$this->assertEquals( array_map( 'strtolower', $valid ), $result );
 	}
 }
diff --git a/test/StatifyBlacklist_Test.php b/test/StatifyBlacklist_Test.php
index 10597f5..f454a04 100644
--- a/test/StatifyBlacklist_Test.php
+++ b/test/StatifyBlacklist_Test.php
@@ -283,6 +283,20 @@ class StatifyBlacklist_Test extends PHPUnit\Framework\TestCase {
 				array( '2001:db8:a0b:12f0::123:456', '2001:db8:a0b:12f0::1/96 ' )
 			)
 		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:DB8:A0B:12F0::123:456', '2001:db8:a0b:12f0::1/96 ' )
+			)
+		);
+		$this->assertTrue(
+			invoke_static(
+				StatifyBlacklist::class,
+				'cidr_match',
+				array( '2001:db8:a0b:12f0::123:456', '2001:DB8:A0B:12F0::1/96 ' )
+			)
+		);
 		$this->assertFalse(
 			invoke_static(
 				StatifyBlacklist::class,