Perl: 5.14.4
OS: SunOS dev1 5.11 omnios-d3950d8 i86pc i386 i86pc Solaris
Function: is_public_ipv6(), internally using _slow_is_ipv6()
Input ":11"
Error: "Bad arg length for NetAddr::IP::Util::sub128, length is 0, should be 128"
While parsing some HTTP headers for ips with is_public_ipv4() and is_public_ipv6(), I came across the input and resulting error listed above. It passes the parsing of _slow_is_ipv6. When fed to NetAddr::IP->new6(), the result is undefined. Passing undefined to $network->contains() causes the error.
I have attached a short test script and a patch. The patch fixes both the _slow_is_ipv6 such that it fails leading single colons as invalid, as well as returning early if in is_[network]_ipv[4,6]() subs if NetAddr::IP->[new,new6]() is undefined.
| Subject: | IP.pm.diff |
145c145
< elsif ($empty > 1) {
---
> elsif ($empty > 1 || $value =~ /^:/) {
450c450
< my $netaddr_ip = NetAddr::IP->%s($ip);
---
> my $netaddr_ip = NetAddr::IP->%s($ip) or return;
475c475
< my $netaddr_ip = NetAddr::IP->%s($ip);
---
> my $netaddr_ip = NetAddr::IP->%s($ip) or return;
| Subject: | test.pl |
use strict;
use warnings;
use Data::Validate::IP;
Data::Validate::IP::is_public_ipv6(':11');