diff options
Diffstat (limited to 'tests/draft2019-09/optional/format/ipv4.json')
-rw-r--r-- | tests/draft2019-09/optional/format/ipv4.json | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/draft2019-09/optional/format/ipv4.json b/tests/draft2019-09/optional/format/ipv4.json index 8b99b9f..e36a381 100644 --- a/tests/draft2019-09/optional/format/ipv4.json +++ b/tests/draft2019-09/optional/format/ipv4.json @@ -32,6 +32,17 @@ "description": "an IP address as an integer (decimal)", "data": "2130706433", "valid": false + }, + { + "description": "leading zeroes should be rejected, as they are treated as octals", + "comment": "see https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/", + "data": "087.10.0.1", + "valid": false + }, + { + "description": "value without leading zero is valid", + "data": "87.10.0.1", + "valid": true } ] } |