[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#54624: 29.0.50; textsec and ipv6 addresses
From: |
Robert Pluim |
Subject: |
bug#54624: 29.0.50; textsec and ipv6 addresses |
Date: |
Mon, 04 Apr 2022 15:33:23 +0200 |
>>>>> On Mon, 4 Apr 2022 14:48:37 +0200, Mattias Engdegård <mattiase@acm.org>
>>>>> said:
Mattias> 4 apr. 2022 kl. 12.42 skrev Lars Ingebrigtsen <larsi@gnus.org>:
>> Fine by me, but addresses that are too long should be suspicious (to
>> catch people obfuscating by doing things like 000000000000000127.0.0.1
>> and similar). That's what I was intending to catch with the {} things
>> without having to actually do the hard maths myself. :-)
Mattias> I agree that is desirable. If a strict parse is impractical (not
sure if it is), what about something slightly stricter than what we current
have? Here is a straw-man proposal:
Mattias> (rx-let ((octet (or "0" (: (in "1-9") (? (in "0-9") (? (in
"0-9"))))))
Mattias> (ipv4 (: octet (= 3 "." octet)))
Mattias> (hextet (** 1 4 (in "0-9a-f")))
Mattias> (ipv6 (: (? "::") hextet (* ":" (? ":") hextet)
Mattias> (? (or "::" (: ":" ipv4) )))))
Mattias> (rx bos (or ipv4 ipv6 (: "[" ipv6 "]")) eos))
Mattias> and don't forget to bind case-fold-search to nil while calling
string-match-p since IPv6 specifies lower-case hex digits.
Mattias> And thanks to Andreas for reminding me about IPv6 allowing dotted
quads as well.
Or we just arrange it so that thereʼs a primitive that maps to calling
getaddrinfo(3) with AI_NUMERICHOST in the hints.ai_flags (but Lars'
motivation here is 'not suspicious', not 'looks like a numeric IP
address', so maybe not).
Robert
--
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/03
- bug#54624: 29.0.50; textsec and ipv6 addresses, Lars Ingebrigtsen, 2022/04/03
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/03
- bug#54624: 29.0.50; textsec and ipv6 addresses, Andreas Schwab, 2022/04/03
- bug#54624: 29.0.50; textsec and ipv6 addresses, Lars Ingebrigtsen, 2022/04/04
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/04
- bug#54624: 29.0.50; textsec and ipv6 addresses,
Robert Pluim <=
- bug#54624: 29.0.50; textsec and ipv6 addresses, Lars Ingebrigtsen, 2022/04/06
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/06
- bug#54624: 29.0.50; textsec and ipv6 addresses, Lars Ingebrigtsen, 2022/04/07
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/07
- bug#54624: 29.0.50; textsec and ipv6 addresses, Andreas Schwab, 2022/04/07
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/08
- bug#54624: 29.0.50; textsec and ipv6 addresses, Andreas Schwab, 2022/04/08
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/08
- bug#54624: 29.0.50; textsec and ipv6 addresses, Mattias Engdegård, 2022/04/11
- bug#54624: 29.0.50; textsec and ipv6 addresses, Lars Ingebrigtsen, 2022/04/11