Merge pull request #7532 from AndrzejKurek/remove-leading-zeroes-ip-parsing

Disallow leading zeroes when parsing IPv4 addresses
2023-05-15 13:59:10 +01:00 · 2023-05-15 13:59:10 +01:00 · 926bcb04fe
commit 926bcb04fe
parent aba165b58c 9c9880a63f
2 changed files with 14 additions and 2 deletions
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@ -2813,7 +2813,6 @@ static int x509_inet_pton_ipv6(const char *src, void *dst)

 static int x509_inet_pton_ipv4(const char *src, void *dst)
 {
-    /* note: allows leading 0's, e.g. 000.000.000.000 */
    const unsigned char *p = (const unsigned char *) src;
    uint8_t *res = (uint8_t *) dst;
    uint8_t digit, num_digits = 0;
@ -2827,13 +2826,20 @@ static int x509_inet_pton_ipv4(const char *src, void *dst)
            if (digit > 9) {
                break;
            }
+
+            /* Don't allow leading zeroes. These might mean octal format,
+             * which this implementation does not support. */
+            if (octet == 0 && num_digits > 0) {
+                return -1;
+            }
+
            octet = octet * 10 + digit;
            num_digits++;
            p++;
        } while (num_digits < 3);

        if (octet >= 256 || num_digits > 3 || num_digits == 0) {
-            break;
+            return -1;
        }
        *res++ = (uint8_t) octet;
        num_octets++;
--- a/tests/suites/test_suite_x509parse.data
+++ b/tests/suites/test_suite_x509parse.data
@ -1046,6 +1046,12 @@ x509_verify:"data_files/server5-tricky-ip-san.crt":"data_files/server5-tricky-ip
 X509 CRT parse CN: IPv4 valid address
 x509_crt_parse_cn_inet_pton:"10.10.10.10":"0A0A0A0A":4

+X509 CRT parse CN: IPv4 leading zeroes #1
+x509_crt_parse_cn_inet_pton:"010.10.10.10":"":0
+
+X509 CRT parse CN: IPv4 leading zeroes #2
+x509_crt_parse_cn_inet_pton:"10.10.10.001":"":0
+
 X509 CRT parse CN: IPv4 excess 0s
 x509_crt_parse_cn_inet_pton:"10.0000.10.10":"":0