NetUtil IPv6 bugs related to IPv4 and compression

[Scottmitch]

Motivation:
NetUtil#getByName and NetUtil#isValidIpV6Address do not strictly enforce the format of IPv4 addresses that are allowed to be embedded in IPv6 addresses as specified in https://tools.ietf.org/html/rfc4291#section-2.5.5. This may lead to invalid addresses being parsed, or invalid addresses being considered valid.

Modifications:

• NetUtil#isValidIpV6Address should enforce the IPv4-Compatible and IPv4-Mapped are the only valid formats for including IPv4 addresses as specified in https://tools.ietf.org/html/rfc4291#section-2.5.5
• NetUtil#getByName should more stritcly parse IPv6 addresses which contain IPv4 addresses as specified in https://tools.ietf.org/html/rfc4291#section-2.5.5

Result:
NetUtil#getByName and NetUtil#isValidIpV6Address respect the IPv6 RFC which defines the valid formats for embedding IPv4 addresses.

[Scottmitch]

@trustin @fenik17 - PTAL. Please suggest additional unit tests if you think of interesting test cases.

[netkins]

The Cyclomatic Complexity of this method "getIPv6ByName" is 93 which is greater than 25 authorized.

[fenik17]

Can we add support for IPv6 addresses with [] and % into a getIPv6ByName() method? Something like that:

public static byte[] createByteArrayFromIpAddressString(String ipAddressString) {
    if (isValidIpV4Address(ipAddressString)) {
        ....
    }
    return getIPv6ByName(ipAddressString, true);
}

private static byte[] getIPv6ByName(CharSequence ip, boolean ipv4Mapped) {
    ...
    int startIdx; // instead of '0' below
    int endIdx;   // instead of 'ipLength - 1' below
    if (ip.charAt(0) == '[') {
        startIdx = 1;
        endIdx = ip.length() - 2;
    } else {
        startIdx = 0;
        endIdx = ip.length() - 1;
    }
    ...
    loop: for (int i = startIdx; i <= endIdx; i++) {
        ...
        case '%':
            endIdx = i - 1;
            break loop;
        }
        ...
    }
    ...
    if (startIdx == 1 && (ipv6Seperators == 0 || ip.charAt(ip.length() - 1) != ']')) {
        // "[x.x.x.x]" - invalid ipv4
        // "[x:x:x::x" - invalid ipv6
        return null;
    }
    ...
}

This will allow us not to call a isValidIpV6Address() method in the createByteArrayFromIpAddressString(), and make getByName more universal. Also, we will be able to test getByName() on a par with the isValidIpV4Address() and isValidIpV6Address():

    @Test
    public void testIsValidIpV4Address() {
        for (String host : validIpV4Hosts.keySet()) {
            assertTrue(host, NetUtil.isValidIpV4Address(host));
            assertNotNull(host, NetUtil.getByName(host));
        }
        for (String host : invalidIpV4Hosts.keySet()) {
            assertFalse(host, NetUtil.isValidIpV4Address(host));
            assertNull(host, NetUtil.getByName(host));
        }
    }

    @Test
    public void testIsValidIpV6Address() {
        for (String host : validIpV6Hosts.keySet()) {
            assertTrue(host, NetUtil.isValidIpV6Address(host));
            assertNotNull(host, NetUtil.getByName(host));
        }
        for (String host : invalidIpV6Hosts.keySet()) {
            assertFalse(host, NetUtil.isValidIpV6Address(host));
            assertNull(host, NetUtil.getByName(host));
        }
    }

[fenik17]

In addition to the previous comment - InetAddress.getByName() from the JDK supports an [] and %.

[fenik17]

Maybe -= 2 with an Unsafe and -= 3 without?
With -2 test failed for ip "::ffff:1.2.3.4" whithout an Unsafe.

[fenik17]

Netkins doesn't run tests with -Dio.netty.noUnsafe=true?

[Scottmitch]

good catch ... should be -=3 ... the indexing is off the for unsafe case.

Netkins doesn't run tests with -Dio.netty.noUnsafe=true?

No. It just assumes the default for the platform.

[fenik17]

all of last part need only for the ipv4Seperators == 1:

|| ( 
    ipv4Seperators == 1 &&
    (
          (!ipv4Mapped || currentIndex != 0 && !isValidIPv4Mapped(bytes, currentIndex))
       || (tmp == 3 && (!isValidNumericChar(ip.charAt(i - 1)) || !isValidNumericChar(ip.charAt(i - 2)) || !isValidNumericChar(ip.charAt(i - 3))) ||
           tmp == 2 && (!isValidNumericChar(ip.charAt(i - 1)) || !isValidNumericChar(ip.charAt(i - 2))) ||
           tmp == 1 && !isValidNumericChar(ip.charAt(i - 1)))
    )
  ) {

[Scottmitch]

Good catch. The validation after we see the first ipv4Separators is done in the default case below.

[fenik17]

@Scottmitch fix the typos ipv6Seperators -> ipv6Separators, ipv4Seperators -> ipv4Separators please :)

[Scottmitch]

Can we add support for IPv6 addresses with [] and % into a getIPv6ByName() method?

Lets do a followup PR for this enhancement.

[netkins]

Reduce the number of conditional operators (19) used in the expression (maximum allowed 5).

[fenik17]

convertToBytes() can be removed at now.

Lets do a followup PR for this enhancement.

Ok.

[Scottmitch]

convertToBytes() can be removed at now.

+1

[fenik17]

Please suggest additional unit tests if you think of interesting test cases.

0:0:0:0:0:ffff::10.0.0.1

isValidIpV6Address("0:0:0:0:0:ffff::10.0.0.1") => false
getByName("0:0:0:0:0:ffff::10.0.0.1")          => not null

[normanmaurer]

lgtm...

[normanmaurer]

Let me merge this...

[fenik17]

The getByName() method still does not check IPv4-Mapped addresses, e.g. for "1:0:0:0:0:ffff:10.0.0.1" or "0:0:0:0:0:ffff::10.0.0.1" it return a not null.
But isValidIpV6Address() has such check (return false).

[fenik17]

I can fix it in another PR if @Scottmitch have not time..

[Scottmitch]

@fenik17 - Thanks for pointing out this unit test .. let me add this unit test and fix the issue

[fenik17]

this check - ip.charAt(ipLength - 1) != ':' - seems superfluous or wrong for the ipv4Separators > 0.

[Scottmitch]

agreed ... this should be caught in the loop above.

[fenik17]

One more unit test for invalid address: "1:0:0:0:0:ffff:10.0.0.1".
Problem in the isValidIPv4Mapped().

[fenik17]

Maybe better use equals() with zeroed array instead of getLong() / getInt() in the isValidIPv4Mapped()?

[netkins]

Reduce the number of conditional operators (7) used in the expression (maximum allowed 5).

[Scottmitch]

Maybe better use equals() with zeroed array instead of getLong() / getInt() in the isValidIPv4Mapped()?

I considered doing this initially ... I will just add a isZero method to PlatformDependent instead to make this more generally available an independently unit tested. This way we won't need an intermediate allocation.

[Scottmitch]

4.1 (9cb858f) 4.0 (241cdc6)

[fenik17]

@Scottmitch oops. Is it really valid?

[Scottmitch]

Yes we allow IPv4 compatible addresses as input. The rational is to be liberal in what we accept but more strict in what we generate (we only generate IPv4 mapped).

// We allow IPv4 Mapped (https://tools.ietf.org/html/rfc4291#section-2.5.5.1)
// and IPv4 compatible (https://tools.ietf.org/html/rfc4291#section-2.5.5.1).
// The IPv4 compatible is deprecated, but it allows parsing of plain IPv4 addressed into IPv6-Mapped addresses.

[fenik17]

I'm about of count of zeros and "::" after. There can not be more bits in place of "::".
This is confirmed by examples [1] and some online-validators: [2] and [3].

   3. An alternative form that is sometimes more convenient when dealing
      with a mixed environment of IPv4 and IPv6 nodes is
      x:x:x:x:x:x:d.d.d.d, where the 'x's are the hexadecimal values of
      the six high-order 16-bit pieces of the address, and the 'd's are
      the decimal values of the four low-order 8-bit pieces of the
      address (standard IPv4 representation).  Examples:
         0:0:0:0:0:0:13.1.68.3
         0:0:0:0:0:FFFF:129.144.52.38
      or in compressed form:
         ::13.1.68.3
         ::FFFF:129.144.52.38

[1] https://tools.ietf.org/html/rfc4291#section-2.2
[2] http://formvalidation.io/validators/ip/ ("Try it" in the end)
[3] https://www.helpsystems.com/intermapper/ipv6-test-address-validation

[Scottmitch]

Thanks for pointing this out. I agree there is a bug. Let me come up with a PR.

[Scottmitch]

See #6680