make address parsing stricter

author: Bob Halley <halley@nominum.com> 2011-07-08 17:50:10 -0700
committer: Bob Halley <halley@nominum.com> 2011-07-08 17:50:10 -0700
commit: c492addec82e325ef77e95d9a53775d3fe60d056 (patch)
tree: ac243e69efca00e77c969490647d506e29ee3394
parent: 4e3f3469f49988edf827667644bc923e64179f5e (diff)
download: dnspython-c492addec82e325ef77e95d9a53775d3fe60d056.tar.gz
3 files changed, 36 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index 94eca92..08d93d8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2011-07-08  Bob Halley  <halley@dnspython.org>
+
+	* dns/ipv4.py: dnspython now provides its own, stricter, versions
+	  of IPv4 inet_ntoa() and inet_aton() instead of using the OS's
+	  versions.
+
+	* dns/ipv6.py: inet_aton() now bounds checks embedded IPv4 addresses
+	  more strictly.  Also, now only dns.exception.SyntaxError can be
+	  raised on bad input.
+
 2011-04-05  Bob Halley  <halley@dnspython.org>
 
 	* Old DNSSEC types (KEY, NXT, and SIG) have been removed.
diff --git a/dns/ipv4.py b/dns/ipv4.py
index 8e5305a..1860ddc 100644
--- a/dns/ipv4.py
+++ b/dns/ipv4.py
@@ -15,20 +15,21 @@
 
 """IPv4 helper functions."""
 
-import socket
-import sys
+import struct
 
-if sys.platform == 'win32':
-    #
-    # XXX  Does the Win32 python 3 inet_aton still reject 255.255.255.255?
-    # Until we know it doesn't, we'll keep our workaround in place.
-    #
-    def inet_aton(text):
-        if text == '255.255.255.255':
-            return b'\xff' * 4
-        else:
-            return socket.inet_aton(text)
-else:
-    inet_aton = socket.inet_aton
+import dns.exception
 
-inet_ntoa = socket.inet_ntoa
+def inet_ntoa(address):
+    if len(address) != 4:
+        raise dns.exception.SyntaxError
+    return '%u.%u.%u.%u' % (address[0], address[1], address[2], address[3])
+
+def inet_aton(text):
+    parts = text.split('.')
+    if len(parts) != 4:
+        raise dns.exception.SyntaxError
+    try:
+        bytes = [int(part) for part in parts]
+        return struct.pack('BBBB', *bytes)
+    except:
+        raise dns.exception.SyntaxError
diff --git a/dns/ipv6.py b/dns/ipv6.py
index fc53ec4..4b9312b 100644
--- a/dns/ipv6.py
+++ b/dns/ipv6.py
@@ -108,9 +108,16 @@ def inet_aton(text):
     #
     m = _v4_ending.match(text)
     if not m is None:
-        text = "%s:%04x:%04x" % (m.group(1),
-                                 int(m.group(2)) * 256 + int(m.group(3)),
-                                 int(m.group(4)) * 256 + int(m.group(5)))
+        try:
+            b1 = int(m.group(2))
+            b2 = int(m.group(3))
+            b3 = int(m.group(4))
+            b4 = int(m.group(5))
+        except:
+            raise dns.exception.SyntaxError
+        if b1 > 255 or b2 > 255 or b3 > 255 or b4 > 255:
+            raise dns.exception.SyntaxError
+        text = "%s:%04x:%04x" % (m.group(1), b1 * 256 + b2, b3 * 256 + b4)
     #
     # Try to turn '::<whatever>' into ':<whatever>'; if no match try to
     # turn '<whatever>::' into '<whatever>:'
author	Bob Halley <halley@nominum.com>	2011-07-08 17:50:10 -0700
committer	Bob Halley <halley@nominum.com>	2011-07-08 17:50:10 -0700
commit	c492addec82e325ef77e95d9a53775d3fe60d056 (patch)
tree	ac243e69efca00e77c969490647d506e29ee3394
parent	4e3f3469f49988edf827667644bc923e64179f5e (diff)
download	dnspython-c492addec82e325ef77e95d9a53775d3fe60d056.tar.gz