--- On Tue, 2/2/10, David F. Skoll <[email protected]> wrote:
> ...
> Actually, the Perl code will never see an IPv6-mapped IPv4 address,
> because the mimedefang.c code converts such an address to "pure"
> IPv4:
>
> /* Convert IPv6-mapped IPv4 address to pure IPv4.
> That is: ::ffff:xxx.yyy.zzz.www to simply xxx.yyy.zzz.www */
> if (tmp) {
> if (strchr(data->hostip, '.')) {
> char const *lastcolon = strrchr(data->hostip, ':');
> char *dst = data->hostip;
> while(lastcolon) {
> lastcolon++;
> *dst++ = *lastcolon;
> if (!*lastcolon) break;
> }
> }
> }
I really don't like that code, even if it happens to work. One should really
check for the "^::ffff:" prefix followed by 3 dots between 4 sequences of
numbers "\d{1,3}" which individually should be checked for range (0-255). I'll
let you build the proper regex.
The while loop is unnecessary. Once we have "lastcolon" not null, shouldn't
this work: "strncpy(dst, ++lastcolon, 16);"? 16 => 15 text characters plus
the terminator. To have a valid result, we should have 7 <= strlen(dst) <=15.
If less than 7 or more than 15, the string can't be a valid IPv4.
I think that the code is a bit too trusting in that only an embedded IPv4 will
be the ONLY IPv6 address with an embedded period. There may be something else
in the future that could be created:
e.g. 2002:192.0.2.0::1 (a new way of specifying 6in4 - currently not allowed).
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
