| Summary: | ASTERISK-05329: octal interpretation | ||
| Reporter: | Jörg Straube (grandswiss) | Labels: | |
| Date Opened: | 2005-10-19 23:58:05 | Date Closed: | 2011-06-07 14:03:15 |
| Priority: | Major | Regression? | No |
| Status: | Closed/Complete | Components: | Core/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | Asterisk interpretes IP address parts (digits between ".") with leading 0 as octal. (see issue ID: 5476) RFC3261 does NOT allow octal interpretation. Reasoning: - The BNF production of IPv4Address in RFC3261 is IPv4address = 1*3DIGIT "." 1*3DIGIT "." 1*3DIGIT "." 1*3DIGIT - Each "." part of IPv4address represents a byte. - An octal representation of a byte would be any number between 0 and 0400 - 0400 is four digits. RFC3261 only allows a maximum of 3 DIGITS. So, the BNF production is not meant to be octal. | ||
| Comments: | By: Olle Johansson (oej) 2005-10-20 01:35:09 Does this break communication with anything existing out there that sends octal IP addresses? By: Tilghman Lesher (tilghman) 2005-10-20 09:02:51 It's important to know your platform for this one. Are you on Linux, BSD, Solaris, or another machine? The problem is that this is performed by the ast_gethostbyname() routines, and how that is done is platform dependent. If you're running Asterisk on Linux, then the core gethostbyname_r() functionality in glibc is to blame. If you're running on BSD, there is a possibility that we could do something, because we have a builtin implementation of gethostbyname_r() in utils.c. By: Olle Johansson (oej) 2005-10-20 09:39:31 I have mailed the sip-implementors list to ask if this is a bug in RFC3261, since I can't believe this to be correct. By: Jörg Straube (grandswiss) 2005-10-20 17:23:02 See also these RFCs: RFC1594 ====== dot address (dotted address notation) Dot address refers to the common notation for IP addresses of the form A.B.C.D; where each letter represents, in DECIMAL, one byte of a four byte IP address. RC1123 ===== Whenever a user inputs the identity of an Internet host, it SHOULD be possible to enter either (1) a host domain name or (2) an IP address in dotted-DECIMAL ("#.#.#.#") form. The host SHOULD check the string syntactically for a dotted-DECIMAL number before looking it up in the Domain Name System. RFC790 referenced by RFC 791 - Internet Protocol ====== One notation for internet host addresses commonly used divides the 32-bit address into four 8-bit fields and specifies the value of each field as a DECIMAL number with the fields separated by periods. For example, the internet address of ISIF is 010.020.000.052. By: Jörg Straube (grandswiss) 2005-10-20 17:25:16 I'm running asterisk in coLinux. By: Jörg Straube (grandswiss) 2005-10-20 17:39:44 Programmers please use "inet_pton" instead of "inet_aton". read "man inet_addr": ...Note that inet_pton() does not accept 1-, 2-, or 3-part dotted addresses; all four parts must be specified and are interpreted only as DECIMAL values. This is a narrower input set than that accepted by inet_aton()... By: Mark Spencer (markster) 2005-10-21 00:17:00 Okay, I think your support material makes a strong enough case to change Asterisk's interpretation. It's fixed in CVS head and I'm marking this pending 1.0. Please confirm it's fixed in CVS head though. By: Serge Vecher (serge-v) 2005-10-21 12:59:41 + /* Forge a reply for IP's to avoid octal IP's being interpreted as octal */ perhaps this means "... decimal IPs with leading zeros being interpreted as octal" ? By: Jörg Straube (grandswiss) 2005-10-22 02:21:00 vechers you're right. The comment in the code gkloepfer mentioned in http://bugs.digium.com/view.php?id=5489 is a little misleading. I would prefer a comment something like: /* Translate dotted-decimal string to internal IP address. */ /* Note: use of inet_pton instead of inet_aton avoids octal */ /* interpretation of numbers with leading 0 */ By: Russell Bryant (russell) 2005-11-15 14:07:11.000-0600 If you have any proposed changes for cvs head/1.2, please open a new bug. Thanks! By: Digium Subversion (svnbot) 2008-01-15 15:51:55.000-0600 Repository: asterisk Revision: 6838 U trunk/utils.c ------------------------------------------------------------------------ r6838 | markster | 2008-01-15 15:51:55 -0600 (Tue, 15 Jan 2008) | 2 lines Be sure to avoid octal interpretations of IP's (bug ASTERISK-5329) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=6838 | ||