(commons-validator) branch master updated: Reject signed hex group in InetAddressValidator.isValidInet6Address(String).

Sat, 30 May 2026 05:25:33 -0700 

This is an automated email from the ASF dual-hosted git repository.

garydgregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-validator.git


The following commit(s) were added to refs/heads/master by this push:
     new fe47ee61 Reject signed hex group in 
InetAddressValidator.isValidInet6Address(String).
fe47ee61 is described below

commit fe47ee618b68a76eb693ccc9efbeb0aed65de5ad
Author: Gary Gregory <[email protected]>
AuthorDate: Sat May 30 08:25:19 2026 -0400

    Reject signed hex group in
    InetAddressValidator.isValidInet6Address(String).
    
    Lookup char once.
---
 src/changes/changes.xml                                                | 1 +
 .../org/apache/commons/validator/routines/InetAddressValidator.java    | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index b4a37999..dcafd2c8 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -72,6 +72,7 @@ The <action> type attribute can be add,update,fix,remove.
     <action type="fix" dev="ggregory" due-to="Gary Gregory" 
issue="VALIDATOR-506">DomainValidator ICAAN Revocation for .lipsy: 
https://www.iana.org/reports/tld-transfer/20250227-lipsy.</action>
     <action type="fix" dev="ggregory" due-to="Gary Gregory" 
issue="VALIDATOR-507">DomainValidator ICAAN Revocation for .pramerica" 
https://www.iana.org/reports/tld-transfer/20250516-pramerica.</action>
     <action type="fix" dev="ggregory" due-to="Gary Gregory" 
issue="VALIDATOR-508">DomainValidator ICAAN Revocation for .redstone: 
https://www.iana.org/reports/tld-transfer/20250826-redstone.</action>
+    <action type="fix" dev="ggregory" due-to="Sahana Surendra Bogar, Gary 
Gregory" issue="VALIDATOR-508">Reject signed hex group in 
InetAddressValidator.isValidInet6Address(String) #379.</action>
     <!-- ADD -->
     <!-- UPDATE -->
     <action type="update" dev="ggregory" due-to="Gary Gregory, 
Dependabot">Bump org.apache.commons:commons-parent from 92 to 100 #377.</action>
diff --git 
a/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java 
b/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java
index 7fe18a9d..33abaf61 100644
--- 
a/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java
+++ 
b/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java
@@ -201,7 +201,8 @@ public class InetAddressValidator implements Serializable {
                 if (octet.length() > IPV6_MAX_HEX_DIGITS_PER_GROUP) {
                     return false;
                 }
-                if (octet.charAt(0) == '+' || octet.charAt(0) == '-') {
+                final char char0 = octet.charAt(0);
+                if (char0 == '+' || char0 == '-') {
                     return false; // Integer.parseInt accepts a leading sign, 
which is not a valid hex group
                 }
                 int octetInt = 0;

Reply via email to