Opened 9 years ago

Closed 9 years ago

#26378 closed Bug (fixed)

Allowed a left byte of zero in mixed IPv4/IPv6 validation

Reported by: bshen Owned by: Amine Yaiche
Component: Database layer (models, ORM) Version: 1.8
Severity: Normal Keywords:
Cc: bshen Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description (last modified by Tim Graham)

Basically, IPv4-mapped IPv6 addresses in the CIDR block ::ffff:0.0.0.0/104 are validated as invalid when unpack_ipv4=False, yet is valid when the first IPv4 octet is non-zero or when unpack_ipv4=True.

# my.app.models
# Django==1.8.6
from django.db import models

class TestIPNoUnpack(models.Model):
    ip = models.GenericIPAddressField(null=False, protocol='both', unpack_ipv4=False)


class TestIPUnpack(models.Model):
    ip = models.GenericIPAddressField(null=False, protocol='both', unpack_ipv4=True)



> python manage.py shell

In [1]: from my.app.models import TestIPNoUnpack, TestIPUnpack

In [2]: testipunpack = TestIPUnpack(ip='::ffff:0.0.0.0')

In [3]: testipunpack.clean_fields()

In [4]: testipunpack.ip
Out[4]: '0.0.0.0'

In [5]: testipnounpack = TestIPNoUnpack(ip='::ffff:0.0.0.0')

In [6]: testipnounpack.clean_fields()

ValidationError: {'ip': [u'Enter a valid IPv4 or IPv6 address.']}

In [7]: testipnounpack2 = TestIPNoUnpack(ip='::ffff:0.255.255.255')

In [8]: testipnounpack2.clean_fields()

ValidationError: {'ip': [u'Enter a valid IPv4 or IPv6 address.']}

In [9]: testipnounpack3 = TestIPNoUnpack(ip='::ffff:1.0.0.0')

In [10]: testipnounpack3.clean_fields()

In [11]: testipnounpack3.ip
Out[11]: '::ffff:1.0.0.0'

Attachments (2)

26378.diff (2.4 KB ) - added by Amine Yaiche 9 years ago.
26378.1.diff (1.5 KB ) - added by Amine Yaiche 9 years ago.

Download all attachments as: .zip

Change History (13)

comment:1 by bshen, 9 years ago

Cc: bshen added
Component: UncategorizedDatabase layer (models, ORM)
Easy pickings: set

comment:3 by Tim Graham, 9 years ago

Description: modified (diff)

comment:4 by Amine Yaiche, 9 years ago

Owner: changed from nobody to Amine Yaiche
Status: newassigned
Triage Stage: UnreviewedAccepted

by Amine Yaiche, 9 years ago

Attachment: 26378.diff added

comment:5 by Tim Graham, 9 years ago

Has patch: set

PR

comment:6 by Tim Graham, 9 years ago

Description: modified (diff)

comment:7 by bshen, 9 years ago

Is this the actual desired behavior? I don't think we want to have mixed IPv4 and IPv6 representation be invalid when unpack_ipv4 is False. Mixed IPv4 and IPv6 is still valid IPv6. In fact, this would probably break existing code written by others that depends on this functionality where the first IPv4 octet is not 0.

Furthermore, it appears that root cause of the inconsistency is not addressed, but rather a whole class of valid IPv6 addresses is now marked invalid.

comment:8 by Amine Yaiche, 9 years ago

You are completely right. My apologies for the inconvenience. I was looking at the wrong problem.

by Amine Yaiche, 9 years ago

Attachment: 26378.1.diff added

comment:9 by bshen, 9 years ago

This looks like the correct fix. Thanks for responding and fixing it quickly!

comment:10 by Tim Graham, 9 years ago

Hi Amine, just wanted to mention for future reference that you don't need to attach a patch here when you also send a pull request.

comment:11 by Tim Graham, 9 years ago

Summary: Incorrect behavior in GenericIPAddressField with protocol='both', unpack_ipv4=FalseAllowed a left byte of zero in mixed IPv4/IPv6 validation
Triage Stage: AcceptedReady for checkin

comment:12 by Tim Graham <timograham@…>, 9 years ago

Resolution: fixed
Status: assignedclosed

In 32c8e43e:

Fixed #26378 -- Allowed a left byte of zero in mixed IPv4/IPv6 validation.

Note: See TracTickets for help on using tickets.
Back to Top