diff options
| author | Christian Heimes <christian@python.org> | 2021-05-02 12:00:35 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-02 12:00:35 (GMT) |
| commit | 60ce8f0be6354ad565393ab449d8de5d713f35bc (patch) | |
| tree | 131beaabf8c731503be540fdd09e66f7f2000a41 /Misc | |
| parent | 73766b0341674f3920f4ea86a6f8288b801960f9 (diff) | |
| download | cpython-60ce8f0be6354ad565393ab449d8de5d713f35bc.zip cpython-60ce8f0be6354ad565393ab449d8de5d713f35bc.tar.gz cpython-60ce8f0be6354ad565393ab449d8de5d713f35bc.tar.bz2 | |
bpo-36384: Leading zeros in IPv4 addresses are no longer tolerated (GH-25099)
Reverts commit e653d4d8e820a7a004ad399530af0135b45db27a and makes
parsing even more strict. Like socket.inet_pton() any leading zero
is now treated as invalid input.
Signed-off-by: Christian Heimes <christian@python.org>
Co-authored-by: Ćukasz Langa <lukasz@langa.pl>
Diffstat (limited to 'Misc')
| -rw-r--r-- | Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst b/Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst new file mode 100644 index 0000000..f956cde --- /dev/null +++ b/Misc/NEWS.d/next/Security/2021-03-30-16-29-51.bpo-36384.sCAmLs.rst @@ -0,0 +1,6 @@ +:mod:`ipaddress` module no longer accepts any leading zeros in IPv4 address +strings. Leading zeros are ambiguous and interpreted as octal notation by +some libraries. For example the legacy function :func:`socket.inet_aton` +treats leading zeros as octal notatation. glibc implementation of modern +:func:`~socket.inet_pton` does not accept any leading zeros. For a while +the :mod:`ipaddress` module used to accept ambiguous leading zeros. |