T816: disallow duplicate double semicolons.

3 files changed, 31 insertions, 0 deletions

diff --git a/src/ipaddrcheck.c b/src/ipaddrcheck.c
index 5e3243e..1bf889e 100644
--- a/src/ipaddrcheck.c
+++ b/src/ipaddrcheck.c
@@ -256,6 +256,14 @@ int main(int argc, char* argv[])
         }
         return(EXIT_FAILURE);
     }
+
+    /* FIXUP: libcidr allows more than one double semicolon, but the RFC does not! */
+    if( duplicate_double_semicolons(address_str) ) {
+        if( verbose ) {
+            printf("More than one \"::\" is not allowed in IPv6 addresses\n");
+        }
+        return(EXIT_FAILURE);
+    }
     /* no else needed, the rest is one big else */
 
     while( (action_count >= 0) && (result == RESULT_SUCCESS) )
diff --git a/src/ipaddrcheck_functions.c b/src/ipaddrcheck_functions.c
index 82d01f9..4a2d130 100644
--- a/src/ipaddrcheck_functions.c
+++ b/src/ipaddrcheck_functions.c
@@ -36,6 +36,28 @@
  * the format was.
  */
 
+
+/* Does it contain double semicolons? This is not allowed in IPv6 addresses */
+int duplicate_double_semicolons(char* address_str) {
+    int offsets[1];
+    pcre *re;
+    int rc;
+    const char *error;
+    int erroffset;
+
+    re = pcre_compile(".*(::).*\\1", 0, &error, &erroffset, NULL);
+    rc = pcre_exec(re, NULL, address_str, strlen(address_str), 0, 0, offsets, 1);
+
+    if( rc >= 0)
+    {
+        return(1);
+    }
+    else
+    {
+        return(0);
+    }
+}
+
 /* Does it look like IPv4 CIDR (e.g. 192.0.2.1/24)? */
 int is_ipv4_cidr(char* address_str)
 {
diff --git a/src/ipaddrcheck_functions.h b/src/ipaddrcheck_functions.h
index 1a23304..07fa776 100644
--- a/src/ipaddrcheck_functions.h
+++ b/src/ipaddrcheck_functions.h
@@ -52,6 +52,7 @@
 #define NO_LOOPBACK      0
 #define LOOPBACK_ALLOWED 1
 
+int duplicate_double_semicolons(char* address_str);
 int is_ipv4_cidr(char* address_str);
 int is_ipv4_single(char* address_str);
 int is_ipv6_cidr(char* address_str);