New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

validate_syntax and start_domain_test functions do not correctly validate IPv4 and IPv6 addresses #173

Closed
matsduf opened this Issue Jun 8, 2016 · 4 comments

Comments

Projects
None yet
3 participants
@matsduf
Contributor

matsduf commented Jun 8, 2016

Both validate_syntax and start_domain_test validate the parameters, e.g. the IPv4 address. The validation accepts truncated IPv4 address, i.e. addresses of 1-3 octetts. When a test started with a truncated IPv4 address is fetched, the following is returned:
{"id":"2016:000006","error":{"message":"malformed JSON string, neither array, object, number, string or atom, at character offset 0 (before "(end of string)") at /usr/local/share/perl/5.18.2/Zonemaster/WebBackend/DB/MySQL.pm line 200.\n","code":-32603},"jsonrpc":"2.0"}

Validation is done in WebBackend/Engine.pm with Net::IP::XS::ip_is_ipv4 which accepts truncated IPv4 addresses, which is documented in the man page.

We have the same problem with IPv6 addresses where the last two IPv6 address "words" are written in IPv4 format, e.g. "2a00:801::255.255.255.254". If the IPv4 part is complete everything works as it should, but if the IPv4 part is truncated, e.g. "2a00:801::255.255.255", it is accepted by ip_is_ipv6() (since it uses ip_is_ipv4() to parse the last part), but it will fail in zonemaster.

The validation should be stricter.

@matsduf matsduf changed the title from validate_syntax and start_domain_test functions do not correctly validate IPv4 addresses to validate_syntax and start_domain_test functions do not correctly validate IP addresses Jun 16, 2016

@matsduf matsduf changed the title from validate_syntax and start_domain_test functions do not correctly validate IP addresses to validate_syntax and start_domain_test functions do not correctly validate IPv4 addresses Jun 16, 2016

@matsduf matsduf changed the title from validate_syntax and start_domain_test functions do not correctly validate IPv4 addresses to validate_syntax and start_domain_test functions do not correctly validate IPv4 and IPv6 addresses Jun 16, 2016

@sandoche2k sandoche2k added this to the Release 2016.2 milestone Nov 14, 2016

@sandoche2k sandoche2k modified the milestones: 2017.1, Release 2016.2 Nov 25, 2016

@sandoche2k sandoche2k modified the milestones: 2017.4, 2017.1 Sep 12, 2017

@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Nov 27, 2017

Contributor

@matsduf to provide the Regexp.
@mtoma to implement

Contributor

sandoche2k commented Nov 27, 2017

@matsduf to provide the Regexp.
@mtoma to implement

@matsduf

This comment has been minimized.

Show comment
Hide comment
@matsduf

matsduf Nov 30, 2017

Contributor

@mtoma, if the following regexp is combined with test of Net::IP then only valid IPs will pass:

/^(([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|([0-9A-Fa-f]{1,4}:[0-9A-Fa-f:]{1,}(:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})?)|([0-9A-Fa-f]{1,4}::[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))$/
Contributor

matsduf commented Nov 30, 2017

@mtoma, if the following regexp is combined with test of Net::IP then only valid IPs will pass:

/^(([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})|([0-9A-Fa-f]{1,4}:[0-9A-Fa-f:]{1,}(:[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})?)|([0-9A-Fa-f]{1,4}::[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}))$/
@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Dec 13, 2017

Contributor

@mtoma thanks for taking a look at this issue.

Contributor

sandoche2k commented Dec 13, 2017

@mtoma thanks for taking a look at this issue.

mtoma pushed a commit to mtoma/zonemaster-backend that referenced this issue Dec 14, 2017

@matsduf matsduf referenced this issue Jan 2, 2018

Merged

Fix issue 173 #328

mtoma added a commit that referenced this issue Jan 2, 2018

@sandoche2k

This comment has been minimized.

Show comment
Hide comment
@sandoche2k

sandoche2k Jan 3, 2018

Contributor

closed by #328

Contributor

sandoche2k commented Jan 3, 2018

closed by #328

@sandoche2k sandoche2k closed this Jan 3, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment