From 522ebfb71c4215de8703b0cabbeb5ab6f27d627f Mon Sep 17 00:00:00 2001 From: MacroModel Date: Wed, 3 Dec 2025 23:18:50 +0800 Subject: [PATCH] Add validation for trailing single colon in IPv6 address parsing - Added check in `scn_cnt_define_in6addr_shorten_impl` to return `parse_code::invalid` when buffer ends with single colon - Prevents accepting malformed IPv6 addresses ending with ":" instead of "::" or valid hex digit - Split compound condition to validate buffer bounds before checking for double colon --- include/fast_io_core_impl/socket/addrscn.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/include/fast_io_core_impl/socket/addrscn.h b/include/fast_io_core_impl/socket/addrscn.h index 0e10eeae..576e20c1 100644 --- a/include/fast_io_core_impl/socket/addrscn.h +++ b/include/fast_io_core_impl/socket/addrscn.h @@ -515,7 +515,11 @@ scn_cnt_define_in6addr_shorten_impl(char_type const *begin, char_type const *end // Here *it == ':' ++it; - if (it != end && *it == colon) + if (it == end) + { + return {it, parse_code::invalid}; + } + if (*it == colon) { // Encountered "::" if (colonp != nullptr) [[unlikely]]