Malin/domnitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add vCard field validation in WhoisService

Browse Source 
Added checks to ensure vCard fields are arrays with at least 4 elements before accessing their values. This prevents potential errors when parsing registrar and abuse contact information from RDAP responses.
This commit is contained in:
Hosteroid
2025-10-21 14:51:28 +03:00
parent 430bd81cb9
commit 92319b27f7
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/Services/WhoisService.php
View File

@@ -392,6 +392,7 @@ class WhoisService
// Get registrar name from vCard
if (isset($entity['vcardArray'][1])) {
foreach ($entity['vcardArray'][1] as $vcardField) {
if (is_array($vcardField) && count($vcardField) >= 4) {
if ($vcardField[0] === 'fn') {
$info['registrar'] = $vcardField[3];
} elseif ($vcardField[0] === 'url') {
@@ -399,6 +400,7 @@ class WhoisService
}
}
}
}
// Check for abuse contact in nested entities
if (isset($entity['entities']) && is_array($entity['entities'])) {
@@ -406,6 +408,7 @@ class WhoisService
if (in_array('abuse', $subEntity['roles'] ?? [])) {
if (isset($subEntity['vcardArray'][1])) {
foreach ($subEntity['vcardArray'][1] as $vcardField) {
if (is_array($vcardField) && count($vcardField) >= 4) {
if ($vcardField[0] === 'email') {
$info['abuse_email'] = $vcardField[3];
}
@@ -417,6 +420,7 @@ class WhoisService
}
}
}
}
// Parse nameservers
if (isset($rdapData['nameservers']) && is_array($rdapData['nameservers'])) {