aboutsummaryrefslogtreecommitdiffstats
path: root/lib/diameter/src/base/diameter_lib.erl
diff options
context:
space:
mode:
authorRory Byrne <[email protected]>2015-05-14 10:54:31 +0100
committerRory Byrne <[email protected]>2015-05-22 09:05:00 +0100
commitc0be40c2dad6661d28e7aafb35057f06095bb2bb (patch)
tree0f888b34fa50d974eeadeaeac29f700ae4cb2d92 /lib/diameter/src/base/diameter_lib.erl
parentefbfe9602983ff451b864e557bdf3733222b78ba (diff)
downloadotp-c0be40c2dad6661d28e7aafb35057f06095bb2bb.tar.gz
otp-c0be40c2dad6661d28e7aafb35057f06095bb2bb.tar.bz2
otp-c0be40c2dad6661d28e7aafb35057f06095bb2bb.zip
Fix parsing of IPv6 addresses to limit leading zeros
The current implementations of inet:parse_ipv6_address/1 and inet:parse_ipv6strict_address/1 permit address strings which have an unlimited number of leading zeros. Addresses such as: "0000000000000000000000000000000ffff::" "::00000000000000000000000000000000000000000000000000000000" "::0000000f435:1" If we are using this facility to validate string representations of IPv6 addresses, then we would end up validating addresses which are non-conformant (with respect to RFC 4291 section 2.2) and potentially dangerous. This patch ensures that each segment of an IPv6 address has a maximum of 4 hex digits.
Diffstat (limited to 'lib/diameter/src/base/diameter_lib.erl')
0 files changed, 0 insertions, 0 deletions