Project

General

Profile

Actions

Bug #19479

closed

Support IPv4-mapped IPv6 addresses in IPAddr#private?

Added by tgxworld (Guo Xiang Tan) almost 2 years ago. Updated over 1 year ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
ruby 3.2.1 (2023-02-08 revision 31819e82c8) [x86_64-linux]
[ruby-core:112697]

Description

irb(main):010:0> IPAddr.new("172.16.0.0").private?
=> true
irb(main):011:0> IPAddr.new("::ffff:172.16.0.0").private?
=> false

If IPAddr#private? is used in a critical code path, not supporting IPv4-mapped IPv6 addresses could lead to security issues.

Updated by jeremyevans0 (Jeremy Evans) over 1 year ago

I submitted an upstream pull request to fix this: https://github.com/ruby/ipaddr/pull/57

Actions #2

Updated by jeremyevans (Jeremy Evans) over 1 year ago

  • Status changed from Open to Closed

Applied in changeset git|de51a4a13eab2c4c5917de923edde33dfed6f22f.


[ruby/ipaddr] Consider IPv4-mapped IPv6 addresses private if IPv4 address is private

Fixes [Bug #19479]

https://github.com/ruby/ipaddr/commit/7faa0768d3

Actions

Also available in: Atom PDF

Like0
Like0Like0