bug-gnu-emacs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#54624: 29.0.50; textsec and ipv6 addresses

From: Mattias Engdegård
Subject: bug#54624: 29.0.50; textsec and ipv6 addresses
Date: Mon, 4 Apr 2022 14:48:37 +0200 
4 apr. 2022 kl. 12.42 skrev Lars Ingebrigtsen <larsi@gnus.org>:

> Fine by me, but addresses that are too long should be suspicious (to
> catch people obfuscating by doing things like 000000000000000127.0.0.1
> and similar).  That's what I was intending to catch with the {} things
> without having to actually do the hard maths myself.  :-)

I agree that is desirable. If a strict parse is impractical (not sure if it 
is), what about something slightly stricter than what we current have? Here is 
a straw-man proposal:

    (rx-let ((octet (or "0" (: (in "1-9") (? (in "0-9") (? (in "0-9"))))))
             (ipv4 (: octet (= 3 "."  octet)))
             (hextet (** 1 4 (in "0-9a-f")))
             (ipv6 (: (? "::") hextet (* ":" (? ":") hextet)
                      (? (or "::" (: ":" ipv4) )))))
      (rx bos (or ipv4 ipv6 (: "[" ipv6 "]")) eos))

and don't forget to bind case-fold-search to nil while calling string-match-p 
since IPv6 specifies lower-case hex digits.

And thanks to Andreas for reminding me about IPv6 allowing dotted quads as well.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]