Fix parsing of IPv6 addresses to limit leading zeros

The current implementations of inet:parse_ipv6_address/1 and
inet:parse_ipv6strict_address/1 permit address strings which have an
unlimited number of leading zeros. Addresses such as:

    "0000000000000000000000000000000ffff::"
    "::00000000000000000000000000000000000000000000000000000000"
    "::0000000f435:1"

If we are using this facility to validate string representations of
IPv6 addresses, then we would end up validating addresses which are
non-conformant (with respect to RFC 4291 section 2.2) and potentially
dangerous.

This patch ensures that each segment of an IPv6 address has a maximum
of 4 hex digits.

0 files changed, 0 insertions, 0 deletions