Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False positives for InetAddresses.isInetAddress #3116

Open
devikasondhi opened this issue Apr 16, 2018 · 4 comments
Open

False positives for InetAddresses.isInetAddress #3116

devikasondhi opened this issue Apr 16, 2018 · 4 comments
Labels
P3 package=net status=triaged

Comments

@devikasondhi
Copy link

InetAddresses.isInetAddress method returns true for invalid IPv6 address containing two or more consecutive 0s in the last hextet.
Failing test case:
InetAddresses.isInetAddress("804c:404c::0:cc:c0:00c1c") //returns true

Expected to return false, as also verified with an online service here- https://www.helpsystems.com/intermapper/ipv6-test-address-validation

The issue seems to be due to the compression over zeroes involved.
@pmarks-net
Copy link
Contributor

You're suggesting that parseHextet(String ipPart) should fail when ipPart.length() > 4.

I don't have a strong preference either way, but by what definition is this invalid? Guava isn't the only parser that works like this:

$ ping6 ::00000001
PING ::00000001(::1) 56 data bytes
64 bytes from ::1: icmp_seq=1 ttl=64 time=0.049 ms

@swankjesse
Copy link
Contributor

swankjesse commented Apr 21, 2018
edited

The RFC suggests both Guava and ping6 have it wrong here:

   1. The preferred form is x:x:x:x:x:x:x:x, where the 'x's are one to
      four hexadecimal digits of the eight 16-bit pieces of the address.

@pmarks-net
Copy link
Contributor

Looking at the history of the document:

  • RFC1884 (1995): "where the 'x's are the hexadecimal values of the eight 16-bit pieces of the address."
  • RFC2373 (1998): same
  • RFC3513 (2003): same
  • RFC4291 (2006): "where the 'x's are one to four hexadecimal digits of the eight 16-bit pieces of the address."

So the current behavior was standard for more than a decade, and is consistent with OpenJDK:

System.err.println("ip=" + InetAddress.getByName("::00000001"));
...
ip=/0:0:0:0:0:0:0:1

In other words, I don't see a compelling reason to change it.

@sandhu5
Copy link

sandhu5 commented Jun 6, 2018
edited

Internally in the private method parseHextet() of InetAddresses.isInetAddress we are using this Integer.parsrInt() method to change hex to integer.
Actually Here in the Integer.parseInt() method When we pass "ipPart" and 16 it returns us an integer,
because internally Integer.parseInt() function does not change the value of "result" Variable by Leading Zeros(Look java docs or Its code)
i.e leading zeroes does not contribute in changing/creating the integer value
So we have to check the length of the String :- if > 4 throw exception

Assignment_IPV6.java.zip
Uploading Test.java.zip…

@cpovirk cpovirk mentioned this issue Mar 25, 2019
Closed
@raghsriniv raghsriniv added P3 and removed P2 labels Jul 30, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
P3 package=net status=triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@swankjesse @devikasondhi @netdpb @pmarks-net @raghsriniv @sandhu5