| Bug #78884 | INET_ATON accepts more than four groups of digits and returns INT bigger than 4G | ||
|---|---|---|---|
| Submitted: | 20 Oct 2015 12:01 | Modified: | 23 Oct 2015 15:38 |
| Reporter: | Guilhem Bichot | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server: Optimizer | Severity: | S3 (Non-critical) |
| Version: | 5.5.43,5.7.10 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
[20 Oct 2015 13:21]
Guilhem Bichot
inet_aton("foo") returns NULL.
So,
select inet_aton("255.255.255.255.255.255.255.255");
should return NULL.
[20 Oct 2015 13:37]
Guilhem Bichot
More confirmation: in glibc, inet_pton and inet_ntop use a structure of type 'struct sockaddr_in', containing 'struct in_addr", containing only a type 'in_addr_t' which is 32-bit int.
[20 Oct 2015 13:58]
Guilhem Bichot
Even if output is <4G, this is still a wrong address: '0.0.0.0.0' . So, the address must be rejected if it has 4 groups or more.
[23 Oct 2015 15:38]
Paul DuBois
Noted in 5.7.10, 5.8.0 changelogs. INET_ATON() now returns NULL and produces a warning for arguments that contain more than four groups of digits.
Description: select inet_aton("255.255.255.255.255.255.255.255"); returns 18446744073709551615. A valid Ipv4 address must have at most 4 groups of dot-separated digits and fit in a 32-bit integer. This is visible in: - reading of IPv4's specification (RFC791 "Addresses are fixed length of four octets (32 bits)") - the documentation of glibc's inet_aton (which returns 'int' i.e. 32-bit) - testing of glibc's inet_pton (which returns an error with the above address) - failure of MySQL's inet_ntoa: indeed inet_ntoa(inet_aton("255.255.255.255.255.255.255.255")); returns NULL, because inet_ntoa enforces that the integer input must be <4G. How to repeat: select inet_aton("255.255.255.255.255.255.255.255"); Suggested fix: return error if output > 4G .