src: fix IPv4 non routable validation

Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com> PR-URL: nodejs-private/node-private#337 CVE-ID: CVE-2022-32212, CVE-2018-7160
nodejs · Sep 16, 2022 · 2c379d3 · 2c379d3
1 parent bf4d390
commit 2c379d3
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/src/inspector_socket.cc b/src/inspector_socket.cc
@@ -164,6 +164,7 @@ static std::string TrimPort(const std::string& host) {
 static bool IsIPAddress(const std::string& host) {
   if (host.length() >= 4 && host.front() == '[' && host.back() == ']')
     return true;
+  if (host.front() == '0') return false;
   uint_fast16_t accum = 0;
   uint_fast8_t quads = 0;
   bool empty = true;

diff --git a/test/cctest/test_inspector_socket.cc b/test/cctest/test_inspector_socket.cc
@@ -925,4 +925,12 @@ TEST_F(InspectorSocketTest, HostIpTooManyOctetsChecked) {
   expect_handshake_failure();
 }
 
+TEST_F(InspectorSocketTest, HostIPNonRoutable) {
+  const std::string INVALID_HOST_IP_REQUEST = "GET /json HTTP/1.1\r\n"
+                                              "Host: 0.0.0.0:9229\r\n\r\n";
+  send_in_chunks(INVALID_HOST_IP_REQUEST.c_str(),
+                 INVALID_HOST_IP_REQUEST.length());
+  expect_handshake_failure();
+}
+
 }  // anonymous namespace