[commons-validator] branch master updated: VALIDATOR-445 Inet6Address scope id and bit size

Mon, 27 Jul 2020 06:47:58 -0700 

This is an automated email from the ASF dual-hosted git repository.

sebb pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-validator.git


The following commit(s) were added to refs/heads/master by this push:
     new 6d045cb  VALIDATOR-445 Inet6Address scope id and bit size
6d045cb is described below

commit 6d045cbf8613e938c634f0c96305b601aa55dc7d
Author: Sebb <s...@apache.org>
AuthorDate: Mon Jul 27 14:46:54 2020 +0100

    VALIDATOR-445 Inet6Address scope id and bit size
---
 src/changes/changes.xml                            | 11 +++++---
 .../validator/routines/InetAddressValidator.java   | 30 +++++++++++++++++++++-
 .../routines/InetAddressValidatorTest.java         | 28 ++++++++++++++++++++
 3 files changed, 64 insertions(+), 5 deletions(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 0efbbb7..7eba2d1 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -99,13 +99,16 @@ Apache Commons Validator.
 For the current list of dependencies, please see
 http://commons.apache.org/validator/dependencies.html
   ">
-    <action issue="VALIDATOR-452" type="fix" dev="sebb">
+    <action issue="VALIDATOR-445" type="fix" dev="sebb" due-to="devson">
+    Inet6Address may also contain a scope id
+    </action>
+    <action issue="VALIDATOR-452" type="fix" dev="sebb" due-to="devson">
     Validation of URL containing IPv4-mapped IPv6 address
     </action>
     <action issue="VALIDATOR-471" type="add" dev="sebb">
     Allow DomainValidator overrides at run-time
     </action>
-    <action issue="VALIDATOR-438" type="fix" dev="sebb">
+    <action issue="VALIDATOR-438" type="fix" dev="sebb" due-to="Simon Marti">
     IBANValidator fails for El Salvador
     Add definition
     </action>
@@ -129,10 +132,10 @@ http://commons.apache.org/validator/dependencies.html
     Update Apache Commons BeanUtils dependency from 1.9.3 to 1.9.4
     This picks up BEANUTILS-520: Mitigate CVE-2014-0114.
     </action>
-    <action issue="VALIDATOR-455" type="add" dev="sebb">
+    <action issue="VALIDATOR-455" type="add" dev="sebb" due-to="Eugen 
Hanussek">
     Add IBAN validator for VA – Vatican City State
     </action>
-    <action issue="VALIDATOR-461" type="fix" dev="sebb">
+    <action issue="VALIDATOR-461" type="fix" dev="sebb" due-to="Nils 
Reischmann">
     Generic .gmbh top level domain is considered invalid
     </action>
     <action issue="VALIDATOR-444" type="fix" dev="sebb" due-to="Martin Scholz">
diff --git 
a/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java 
b/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java
index e6134fc..b265cc1 100644
--- 
a/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java
+++ 
b/src/main/java/org/apache/commons/validator/routines/InetAddressValidator.java
@@ -125,7 +125,35 @@ public class InetAddressValidator implements Serializable {
      * 
      * @since 1.4.1
      */
-    public boolean isValidInet6Address(String inet6Address) {
+    public boolean isValidInet6Address(String inet6AddressInput) {
+        String[] parts;
+        // remove prefix size. This will appear after the zone id (if any)
+        parts = inet6AddressInput.split("/", -1);
+        if (parts.length > 2) {
+            return false; // can only have one prefix specifier
+        }
+        if (parts.length == 2) {
+            if (parts[1].matches("\\d{1,3}")) { // Need to eliminate signs
+                int bits = Integer.parseInt(parts[1]); // cannot fail because 
of RE check
+                if (bits < 0 || bits > 128) {
+                    return false; // out of range
+                }
+            } else {
+                return false; // not a valid number
+            }
+        }
+        // remove zone-id
+        parts = parts[0].split("%", -1);
+        if (parts.length > 2) {
+            return false;
+        } else if (parts.length == 2){
+            // The id syntax is implemenatation independent, but it presumably 
cannot allow:
+            // whitespace, '/' or '%'
+            if (!parts[1].matches("[^\s/%]+")) {
+                return false; // invalid id
+            }
+        }
+        String inet6Address = parts[0];
         boolean containsCompressedZeroes = inet6Address.contains("::");
         if (containsCompressedZeroes && (inet6Address.indexOf("::") != 
inet6Address.lastIndexOf("::"))) {
             return false;
diff --git 
a/src/test/java/org/apache/commons/validator/routines/InetAddressValidatorTest.java
 
b/src/test/java/org/apache/commons/validator/routines/InetAddressValidatorTest.java
index bfef654..1bb312f 100644
--- 
a/src/test/java/org/apache/commons/validator/routines/InetAddressValidatorTest.java
+++ 
b/src/test/java/org/apache/commons/validator/routines/InetAddressValidatorTest.java
@@ -73,6 +73,34 @@ public class InetAddressValidatorTest extends TestCase {
     }
 
     /**
+     * Inet6Address may also contain a scope id
+     */
+    public void testVALIDATOR_445() {
+        String [] valid = {
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876",
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/123",
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/0",
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876%0",
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876%abcdefgh",
+            };
+        String [] invalid = {
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/129", // too big
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/-0", // sign not allowed
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/+0", // sign not allowed
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/10O", // non-digit
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876/0%0", // /bits before 
%node-id
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876%abc defgh", // space in 
node id
+            "2001:0000:1234:0000:0000:C1C0:ABCD:0876%abc%defgh", // '%' in 
node id
+            };
+        for(String item : valid) {
+            assertTrue(String.format("%s should be valid", item), 
validator.isValid(item));
+        }
+        for(String item : invalid) {
+            assertFalse(String.format("%s should be invalid", item), 
validator.isValid(item));
+        }
+    }
+
+    /**
      * Test valid and invalid IPs from each address class.
      */
     public void testInetAddressesByClass() {

Reply via email to