#26488: Validate that DirAuthority address is IPv4 #181
Conversation
| } | ||
|
|
||
| address = tor_strndup(addrport, addrport_sep - addrport); | ||
| if (!string_is_valid_ipv4_address(address)) { |
I think we could avoid the dup() entirely here and simply passing addrport_sep - addrport to this function. This avoid us an allocation and free.
That doesn't work, as it tries feeding the address to tor_inet_pton and sees if parsing succeeded. It doesn't like the separating colon.
Isn't addrportsep - addrport is only the address without the semicolon?
Umm no? It's number of bytes from the start of addrport to colon (pointer value in const char *addrport_sep) - a length of address alone (without colon and port). string_is_valid_ipv4_address() only takes the string and does not have a second parameter that says "check this much of the input". That's why I'm using tor_strndup() to copy only the part I can check with string_is_valid_ipv4_address().
Maybe there's some code clarity improvement to be made?
Ahhhh! yes ok I get it. That is fine then. Lets merge this!
https://trac.torproject.org/projects/tor/ticket/26488
The text was updated successfully, but these errors were encountered: