Re: BUG #14198: IPv6 address validation broken

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: stefan(at)kaltenbrunner(dot)cc
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #14198: IPv6 address validation broken
Date: 2016-06-16 21:05:52
Message-ID: 9523.1466111152@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

stefan(at)kaltenbrunner(dot)cc writes:
> IPv6 address validation seems to be a "tad" broken in all current
> releases:

Hmm, looks like we need this at inet_net_pton.c:499:

else if (*src == '\0')
goto enoent;
if (tp + NS_INT16SZ > endp)
- return (0);
+ goto enoent;
*tp++ = (u_char) (val >> 8) & 0xff;
*tp++ = (u_char) val & 0xff;
saw_xdigit = 0;

A bit of googling suggests that this is equally broken in assorted
BSD distributions, which is likely where we got the code from
originally. I wonder who we can report it to?

regards, tom lane

In response to

Responses

Browse pgsql-bugs by date

  From Date Subject
Next Message Michael Paquier 2016-06-17 01:18:16 Re: BUG #14194: Why do these bases are open to public access?
Previous Message Martín Marqués 2016-06-16 19:21:57 Re: pg_dump doesn't dump new objects created in schemas from extensions