From: Ondrej Zajicek (work) <santiago@crfreenet.org>
Date: Wed, 5 Jan 2022 15:38:49 +0000 (+0100)
Subject: Conf: Fix parsing full-length IPv6 addresses
X-Git-Tag: v2.0.9~23
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=29dda184e56ce3a1ec72db4612198f6b3ba84e82;p=thirdparty%2Fbird.git

Conf: Fix parsing full-length IPv6 addresses

Lexer expression for bytestring was too loose, accepting also
full-length IPv6 addresses. It should be restricted such that
colon is used between every byte or never.

Fix the regex and also add some test cases for it.

Thanks to Alexander Zubkov for the bugreport
---

diff --git a/conf/cf-lex.l b/conf/cf-lex.l
index 704a1750f..c9d2f5a5a 100644
--- a/conf/cf-lex.l
+++ b/conf/cf-lex.l
@@ -255,7 +255,7 @@ WHITE [ \t]
   return IP4;
 }
 
-{XIGIT}{2}(:{XIGIT}{2}|{XIGIT}{2}){15,} {
+{XIGIT}{2}((:{XIGIT}{2}){15,}|({XIGIT}{2}){15,}) {
   char *s = yytext;
   size_t len = 0, i;
   struct bytestring *bytes;
diff --git a/filter/test.conf b/filter/test.conf
index 6a28e4b3d..f902f99f3 100644
--- a/filter/test.conf
+++ b/filter/test.conf
@@ -335,6 +335,26 @@ ip p;
 	p = 1234:5678::;
 	bt_assert(!p.is_v4);
 	bt_assert(p.mask(24) = 1234:5600::);
+
+	p = 1:2:3:4:5:6:7:8;
+	bt_assert(!p.is_v4);
+	bt_assert(format(p) = "1:2:3:4:5:6:7:8");
+	bt_assert(p.mask(64) = 1:2:3:4::);
+
+	p = 10:20:30:40:50:60:70:80;
+	bt_assert(!p.is_v4);
+	bt_assert(format(p) = "10:20:30:40:50:60:70:80");
+	bt_assert(p.mask(64) = 10:20:30:40::);
+
+	p = 1090:20a0:30b0:40c0:50d0:60e0:70f0:8000;
+	bt_assert(!p.is_v4);
+	bt_assert(format(p) = "1090:20a0:30b0:40c0:50d0:60e0:70f0:8000");
+	bt_assert(p.mask(64) = 1090:20a0:30b0:40c0::);
+
+	p = ::fffe:6:c0c:936d:88c7:35d3;
+	bt_assert(!p.is_v4);
+	bt_assert(format(p) = "::fffe:6:c0c:936d:88c7:35d3");
+	bt_assert(p.mask(64) = 0:0:fffe:6::);
 }
 
 bt_test_suite(t_ip, "Testing ip address");