fix(Request): Catch exceptions in isTrustedProxy

The function fails if the configured trusted proxies contain invalid characters and the underlying IpUtils will throw. But as it is used by `getRemoteAddress` which is used by logging / templating, thrown errors are not reported but silently fail with error 500. Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
nextcloud · susnux · Jan 29, 2024 · Jan 15, 2024 · Jan 27, 2024 · 7620d230df8756a9c439c4acbd756fbeae9345f7
commit 7620d230df8756a9c439c4acbd756fbeae9345f7
@@ -573,7 +573,14 @@ public function getId(): string {
 	 * @return boolean true if $remoteAddress matches any entry in $trustedProxies, false otherwise
 	 */
 	protected function isTrustedProxy($trustedProxies, $remoteAddress) {
-		return IpUtils::checkIp($remoteAddress, $trustedProxies);
+		try {
+			return IpUtils::checkIp($remoteAddress, $trustedProxies);
+		} catch (\Throwable) {
+			// We can not log to our log here as the logger is using `getRemoteAddress` which uses the function, so we would have a cyclic dependency
+			// Reaching this line means `trustedProxies` is in invalid format.
+			error_log('Nextcloud trustedProxies has malformed entries');
+			return false;
+		}
 	}
 
 	/**