SA Bugzilla – Bug 4780
[review] IP_ADDRESS and LOCALHOST regexes are way to liberal in looking for IPv6 addresses
Last modified: 2006-03-08 15:25:16 UTC
The existing regexes will parse any hex characters that come anywhere near a colon, without regard for validity. For instance, "Dec", "04:07:58" and more get parsed from this header: X-Originating-IP: [0.211.128.78] via HTTP from webmail.mail.ru; Fri, 02 Dec 2005 04:07:58
Created attachment 3357 [details] patch Sending lib/Mail/SpamAssassin/Constants.pm Sending t/ip_addrs.t Transmitting file data .. Committed revision 374643. Fixes some invalid ip_addr.t tests too.
Please review for 3.1. This will prevent pack() problems with anything that might not validate the IP addresses it uses, like in bug 4485.
+0.9; just wondering about this, though: -ok (tryone (Mail::SpamAssassin::Constants::IP_ADDRESS, "ff02:0:0:0:0:0:1")); -ok (tryone (Mail::SpamAssassin::Constants::IP_ADDRESS, "ff02:0:0:0:0:0:2")); +ok (tryone (Mail::SpamAssassin::Constants::IP_ADDRESS, "ff02:0:0:0:0:0:0:1")); +ok (tryone (Mail::SpamAssassin::Constants::IP_ADDRESS, "ff02:0:0:0:0:0:0:2")); were the top 2 invalid?
Yeah, they were only 112 bits.
+1 ok, good enough for me ;)
I'm not very familiar with IPv6, but from a quick look at the patch it seems ok to me. +1
I'm pretty sure it conforms to the current RFCs. Well except for RFC 1924. ;) 3.1: Sending lib/Mail/SpamAssassin/Constants.pm Sending t/ip_addrs.t Transmitting file data .. Committed revision 374786.
*** Bug 4673 has been marked as a duplicate of this bug. ***