From b83373594349b814459128d4ad1dd70c61b70831 Mon Sep 17 00:00:00 2001
From: Amos Jeffries
Date: Wed, 27 Aug 2025 19:13:15 +0000
Subject: [PATCH] Validate raw-IPv4 when parsing hostnames (#2140)
---
 src/anyp/Uri.cc | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/anyp/Uri.cc b/src/anyp/Uri.cc
index 97121e4d65..6527e6316c 100644
--- a/src/anyp/Uri.cc
+++ b/src/anyp/Uri.cc
@@ -637,8 +637,20 @@ AnyP::Uri::parseHost(Parser::Tokenizer &tok) const
 // no brackets implies we are looking at IPv4address or reg-name
- // XXX: This code does not detect/reject some bad host values (e.g. "!#$%&"
- // and "1.2.3.4.5"). TODO: Add more checks here, after migrating the
+ static const CharacterSet IPv4chars = CharacterSet("period", ".") + CharacterSet::DIGIT;
+ SBuf ipv4ish; // IPv4address-ish
+ if (tok.prefix(ipv4ish, IPv4chars)) {
+ // This rejects non-IP addresses that our caller would have
+ // otherwise mistaken for a domain name (e.g., '127.0.0' or '1234.5').
+ Ip::Address ipCheck;
+ if (!ipCheck.fromHost(ipv4ish.c_str()))
+ throw TextException("malformed IP address in uri-host", Here());
+
+ return ipv4ish;
+ }
+
+ // XXX: This code does not detect/reject some bad host values (e.g. "!#$%&").
+ // TODO: Add more checks here, after migrating the
 // non-CONNECT uri-host parsing code to use us.
 SBuf otherHost; // IPv4address-ish or reg-name-ish;
-- 
2.47.3
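Review bot: Nothing in the added block checks what follows the digits-and-dots run, so `tok.prefix(ipv4ish, IPv4chars)` classifies the host as an IPv4 address from its leading characters alone. Assuming prefix() consumes the longest leading match, a reg-name that merely starts with a digit (constructed examples: `1e100.net`, `1.2.3.4.example.com`) would either be rejected as "malformed IP address" or, when the run happens to validate, be returned truncated with the rest of the name still in `tok`. That is a host-parsing differential, and it matters wherever the returned host feeds access-control or routing decisions. I would probe on a separate tokenizer and consume from `tok` only when the run is followed by end of input or the `:` port delimiter. Which delimiters are legal depends on the caller, which is outside this hunk, as are the start and end of parseHost; a sketch of the guard follows.

```cpp
    // probe a separate tokenizer so a digit-leading reg-name stays untouched in tok
    Parser::Tokenizer probe(tok.remaining());
    SBuf ipv4ish; // IPv4address-ish
    if (probe.prefix(ipv4ish, IPv4chars) && (probe.atEnd() || probe.remaining()[0] == ':')) {
        // … unchanged: Ip::Address::fromHost() check and throw …
        (void)tok.skip(ipv4ish); // commit only the validated run
        return ipv4ish;
    }
```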