php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #50830 FILTER_VALIDATE_IP incorrectly validates a compressed IPv4-mapped IPv6 address
Submitted: 2010-01-24 15:45 UTC Modified: 2010-11-08 05:44 UTC
From: mikerushton at hotmail dot co dot uk Assigned: cataphract (profile)
Status: Closed Package: Filter related
PHP Version: 5.*, 6 OS: *
Private report: No CVE-ID: None
 [2010-01-24 15:45 UTC] mikerushton at hotmail dot co dot uk
Description:
------------
FILTER_VALIDATE_IP validates the incorrect 0:::255.255.255.255 and does 
not validate the correct 0::255.255.255.255

According to RFC 5321, the correct syntax is:

[IPv6-hex *3(":" IPv6-hex)] "::" [IPv6-hex *3(":" IPv6-hex) ":"] IPv4-
address-literal

This does not allow for three consecutive colons.

Reproduce code:
---------------
// First

filter_var('FFFF:::255.255.255.255', FILTER_VALIDATE_IP);

// Second

filter_var('FFFF::255.255.255.255', FILTER_VALIDATE_IP);

Expected result:
----------------
// First

bool(false)

// Second

string(21) 'FFFF::255.255.255.255'

Actual result:
--------------
// First

string(22) 'FFFF:::255.255.255.255'

// Second

bool(false)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-02-01 15:34 UTC] mikerushton at hotmail dot co dot uk
An addition: here's my solution (as a regular expression):

(?:(?:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-9](?
::|$)){7,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,5})?::(?:[a-f0-9]{1,4}(?
::[a-f0-9]{1,4}){0,5})?)))|(?:(?:(?:[a-f0-9]{1,4}(?::[a-f0-
9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){5,})(?:[a-f0-9]{1,4}(?::[a-f0-
9]{1,4}){0,3})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,3}:)?))?(?:(?
:25[0-5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))(?:\.(?:(?:25[0-
5])|(?:2[0-4][0-9])|(?:1[0-9]{2})|(?:[1-9]?[0-9]))){3}))
 [2010-08-17 18:47 UTC] michael at squiloople dot com
It has come to my attention that the regular expression I provided above uses 
RFC 5321 as the authority on IPv6 address format. This differs from RFC 4291 
however, which is the ACTUAL authority on IPv6 address format. The key 
difference between the two is that 4291 allows a double colon to represent just 
ONE 16-bit group of zeros whereas 5321 requires that it represent at least TWO 
groups. As such, I have provided a modified regular expression which conforms 
with 4291 in this respect (and have also removed the unnecessary capturing 
groups present in my earlier regex)

(?:(?:(?:(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){7})|(?:(?!(?:.*[a-f0-
9](?::|$)){8,})(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,6})?::(?:[a-f0-
9]{1,4}(?::[a-f0-9]{1,4}){0,6})?)))|(?:(?:(?:(?:[a-f0-9]{1,4}(?::[a-f0-
9]{1,4}){5}:)|(?:(?!(?:.*[a-f0-9]:){6,})(?:[a-f0-9]{1,4}(?::[a-f0-
9]{1,4}){0,4})?::(?:[a-f0-9]{1,4}(?::[a-f0-9]{1,4}){0,4}:)?)))?(?:25[0-5]|2[0-
4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?:\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-
9])){3}))
 [2010-09-07 21:42 UTC] sob at academ dot com
Please note that RFC 4291 has been updated by RFC 5952.
 [2010-09-08 01:00 UTC] michael at squiloople dot com
RFC 5952 is only a Proposed Standard. RFC 4291 is still the authority. And even 
if/when RFC 5952 is accepted, it is only a recommendation for (good practice) 
representation and clearly states that "all implementations must accept and be 
able to handle any legitimate RFC 4291 format".
 [2010-11-08 05:44 UTC] cataphract@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: cataphract
 [2010-11-08 05:44 UTC] cataphract@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

Fixed in revision #305186 for PHP 5.3 and trunk.

http://svn.php.net/viewvc/?view=revision&revision=305186
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 26 10:01:29 2024 UTC