On 15/05/20 10:48 pm, Michael Van Canneyt wrote:
On Fri, 15 May 2020, Noel Duffy via fpc-pascal wrote:
While doing some work on bug 37060, the refactoring of StrToHostAddr
and StrToHostAddr6 in the sockets
unit,(https://bugs.freepascal.org/view.php?id=37060), I found that
StrToHostAddr is doing no validation at all on input address
characters before calling the function Val, so any Pascal notation
that Val accepts, such as 0x and $ for hexadecimal, % for binary, &
for octal, and mathematical signs are all accepted in ipv4 octets.
https://bugs.freepascal.org/view.php?id=37080
As a consequence, StrToHostAddr will happily parse addresses like these:
0xa.3.4.5
9.$c.4.5
%1111.%11001110.30.4
&7.&5.30.4
12.+4.1.1
Any number in any notation will be accepted as long as byte overflow
isn't triggered. Thus, + in octets is accepted, but - is not, because
the function detects that the octet is negative which then triggers
overflow.
Fixing this is outside the scope of the patch I'm preparing for 37060,
but if no-one else feels inclined to look into this by the time I'm
finished with that patch then I'll submit a new patch for it.
Fixed.
That must be a new record in bug fix speed. You fixed that within ten
minutes of my message to the list!
I forgot to mention in my message, but did mention in the bug report,
that leading zeroes are also allowed, so you can parse:
0000000001.1.1.1
_______________________________________________
fpc-pascal maillist - fpc-pascal@lists.freepascal.org
https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal