Skip to content

Commit

Permalink
Netutil IPv6 bugs
Browse files Browse the repository at this point in the history 
Motivation:
NetUtil#isValidIpV6Address and NetUtil#getIPv6ByName allowed an invalid form of mapped IPv4 addresses which lead to accepting invalid IPv6 addresses as valid.

Modifications:
- NetUtil#isValidIpV6Address and NetUtil#getIPv6ByName should only allow 7 colons for an IPv4 address if they are the first 2 characters.

Result:
More correct implementation of NetUtil#isValidIpV6Address and NetUtil#getIPv6ByName
  • Loading branch information
@Scottmitch @normanmaurer
Scottmitch authored and normanmaurer committed Apr 28, 2017
1 parent b1cb059 commit ea1cb20
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 8 deletions.
20 changes: 14 additions & 6 deletions common/src/main/java/io/netty/util/NetUtil.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -502,19 +502,26 @@ public static boolean isValidIpV6Address(String ipAddress) {
} else {
return false;
}

// a special case ::1:2:3:4:5:d.d.d.d allows 7 colons with an
// IPv4 ending, otherwise 7 :'s is bad
if ((numberOfColons != 6 && !doubleColon) ||
(numberOfColons == 7 && (ipAddress.charAt(startOffset) != ':' ||
ipAddress.charAt(1 + startOffset) != ':'))) {
return false;
}

for (; j >= startOffset; --j) {
tmpChar = ipAddress.charAt(j);
if (tmpChar != '0' && tmpChar != ':') {
return false;
}
}
}

if (!isValidIp4Word(word.toString())) {
return false;
}
if (numberOfColons != 6 && !doubleColon) {
return false;
}
word.delete(0, word.length());
break;

Expand Down Expand Up @@ -612,9 +619,10 @@ private static boolean isValidIPv4MappedSeparators(byte b0, byte b1, boolean mus
}

private static boolean isValidIPv4Mapped(byte[] bytes, int currentIndex, int compressBegin, int compressLength) {
return currentIndex <= 12 && currentIndex >= 2 &&
isValidIPv4MappedSeparators(bytes[currentIndex - 1], bytes[currentIndex - 2],
(compressBegin + compressLength) >= 14) && PlatformDependent.isZero(bytes, 0, currentIndex - 3);
final boolean mustBeZero = compressBegin + compressLength >= 14;
return currentIndex <= 12 && currentIndex >= 2 && (!mustBeZero || compressBegin < 12) &&
isValidIPv4MappedSeparators(bytes[currentIndex - 1], bytes[currentIndex - 2], mustBeZero) &&
PlatformDependent.isZero(bytes, 0, currentIndex - 3);
}

/**
Expand Down
30 changes: 28 additions & 2 deletions common/src/test/java/io/netty/util/NetUtilTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,10 @@ private static final class TestMap extends HashMap<String, String> {
"0:0:0:0:0:0:10.0.0.1", "00000000000000000000ffff0a000001",
"0:0:0:0:0::10.0.0.1", "00000000000000000000ffff0a000001",
"::0:0:0:0:0:10.0.0.1", "00000000000000000000ffff0a000001",
"0:0:0:0:0:0::10.0.0.1", "00000000000000000000ffff0a000001",
"0::0:0:0:0:10.0.0.1", "00000000000000000000ffff0a000001",
"0:0::0:0:0:10.0.0.1", "00000000000000000000ffff0a000001",
"0:0:0::0:0:10.0.0.1", "00000000000000000000ffff0a000001",
"0:0:0:0::0:10.0.0.1", "00000000000000000000ffff0a000001",
"0:0:0:0:0:ffff:10.0.0.1", "00000000000000000000ffff0a000001",
"::ffff:192.168.0.1", "00000000000000000000ffffc0a80001",
// Test if various interface names after the percent sign are recognized.
Expand Down Expand Up @@ -257,6 +260,12 @@ private static final class TestMap extends HashMap<String, String> {
"0:0:0:0:0:fffff:1.0.0.1", null,
// Invalid IPv4 mapped address - too many bytes (too many 0's)
"0:0:0:0:0:0:ffff:1.0.0.1", null,
// Invalid IPv4 mapped address - too many bytes (too many 0's)
"::0:0:0:0:0:ffff:1.0.0.1", null,
// Invalid IPv4 mapped address - too many bytes (too many 0's)
"0:0:0:0:0:0::1.0.0.1", null,
// Invalid IPv4 mapped address - too many bytes (too many 0's)
"0:0:0:0:0:00000:1.0.0.1", null,
// Invalid IPv4 mapped address - too few bytes (not enough 0's)
"0:0:0:0:ffff:1.0.0.1", null,
// Invalid IPv4 mapped address - 0's after the mapped ffff indicator
Expand Down Expand Up @@ -403,12 +412,29 @@ private static final class TestMap extends HashMap<String, String> {
"0:0:0:0:0:0:255.254.253.252", "::ffff:255.254.253.252",
"0:0:0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"0:0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"0:0:0:0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"::0:0:0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0::0:0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0::0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0::0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0:0::0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"::0:0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0::0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0::0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0::0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"::0:0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0::0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0::0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0::0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"::0:0:0:1.2.3.4", "::ffff:1.2.3.4",
"0::0:0:1.2.3.4", "::ffff:1.2.3.4",
"0:0::0:1.2.3.4", "::ffff:1.2.3.4",
"0:0:0::1.2.3.4", "::ffff:1.2.3.4",
"::0:0:1.2.3.4", "::ffff:1.2.3.4",
"0::0:1.2.3.4", "::ffff:1.2.3.4",
"0:0::1.2.3.4", "::ffff:1.2.3.4",
"::0:1.2.3.4", "::ffff:1.2.3.4",
"::1.2.3.4", "::ffff:1.2.3.4",

Expand Down

0 comments on commit ea1cb20

Please sign in to comment.