Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2041

Error when X-forwarded-For header contains ipv6 address with leading zeroes

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 2.2.17.Final
    • 2.2.16.Final
    • Core
    • None

    Description

      When undertow receives an X-Forwarded-For header that contains an ipv6 address, this ip v6 address is parsed by the 

      io.undertow.util.NetworkUtils.parseIpv6AddressToBytes() method.

      This method rejects ipv6 addresses that contains leading zeroes.

      For example, this address is considered valid:

      2001:DB8:0:CD30:123:4567:89AB:CDEF

      while this one is considered as invalid:

      2001:0DB8:0:CD30:0123:4567:89AB:CDEF

       

      This behaviour is implemented here:

      https://github.com/undertow-io/undertow/blob/7133a92424efc328ab9300e5df6df967a9dd9d69/core/src/main/java/io/undertow/util/NetworkUtils.java#L121

      Yet, by looking at the RFC 4291, we can read that 

      "it is not necessary to write the leading zeros" (see section 2.2 here: https://datatracker.ietf.org/doc/html/rfc4291)

      So, to my understanding, ipv6 with leading zeroes should not be rejected by the ipv6 parser of undertow.

       

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem that impairs or prevents the functions of the product. UNDERTOW-2016 Undertow returns 500 response when first address in X-Forwarded-For is ipv6 with leading 0 in any part

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. WFCORE-5867 Upgrade Undertow to 2.2.17.Final

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              flaviarnn Flavia Rainone
              sylvererichard Sylvere Richard (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: