Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ipaddres.IPv4Network and ipaddress.IPv6Network tuple construction will accept out of valid range prefixlen #81026

Closed
niconorsk mannequin opened this issue May 7, 2019 · 6 comments
Closed

ipaddres.IPv4Network and ipaddress.IPv6Network tuple construction will accept out of valid range prefixlen #81026

niconorsk mannequin opened this issue May 7, 2019 · 6 comments
Labels
3.7 (EOL) end of life 3.8 only security fixes stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error

Comments

@niconorsk
Copy link
Mannequin

niconorsk mannequin commented May 7, 2019

BPO 36845
Nosy @methane, @serhiy-storchaka, @niconorsk
PRs
  • bpo-36845: validate integer network prefix when constructing IP networks #13298
  • [3.7] bpo-36845: validate integer network prefix when constructing IP networks (GH-13298) #13309
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = <Date 2019-05-14.11:00:45.278>
created_at = <Date 2019-05-07.22:53:58.767>
labels = ['3.7', '3.8', 'type-bug', 'library']
title = 'ipaddres.IPv4Network and ipaddress.IPv6Network tuple construction will accept out of valid range prefixlen'
updated_at = <Date 2019-05-14.11:00:45.278>
user = 'https://github.com/niconorsk'

    bugs.python.org fields:

    activity = <Date 2019-05-14.11:00:45.278>
actor = 'methane'
assignee = 'none'
closed = True
closed_date = <Date 2019-05-14.11:00:45.278>
closer = 'methane'
components = ['Library (Lib)']
creation = <Date 2019-05-07.22:53:58.767>
creator = 'niconorsk'
dependencies = []
files = []
hgrepos = []
issue_num = 36845
keywords = ['patch']
message_count = 6.0
messages = ['341839', '341861', '341862', '341863', '342448', '342449']
nosy_count = 5.0
nosy_names = ['pmoody', 'methane', 'SilentGhost', 'serhiy.storchaka', 'niconorsk']
pr_nums = ['13298', '13309']
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'behavior'
url = 'https://bugs.python.org/issue36845'
versions = ['Python 3.7', 'Python 3.8']
    @niconorsk
    Copy link
    Mannequin Author

    niconorsk mannequin commented May 7, 2019

    When using the tuple-form of constructing IPv4Network and IPv6Network will accept prefixlen outside of the normal allowed ranges.

    Example:
>>> import ipaddress
>>> ipaddress.IPv4Network(('172.21.1.0', 400))
IPv4Network('172.21.1.0/400')

If given a negative number, it will error but not with a particularly useful error:
>>> x = ipaddress.IPv4Network(('172.21.1.0', -1))
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib64/python3.7/ipaddress.py", line 1532, in __init__
    self.netmask, self._prefixlen = self._make_netmask(mask)
  File "/usr/lib64/python3.7/ipaddress.py", line 1112, in _make_netmask
    netmask = IPv4Address(cls._ip_int_from_prefix(prefixlen))
  File "/usr/lib64/python3.7/ipaddress.py", line 444, in _ip_int_from_prefix
    return cls._ALL_ONES ^ (cls._ALL_ONES >> prefixlen)
ValueError: negative shift count

    Looking at the code, I think all that is needed is a range check within the respective _make_netmask methods in _BaseV4 and _BaseV6 classes

    @niconorsk niconorsk mannequin added 3.9 only security fixes 3.7 (EOL) end of life 3.8 only security fixes stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error labels May 7, 2019
    @SilentGhost
    Copy link
    Mannequin

    SilentGhost mannequin commented May 8, 2019

    Would you like to submit a fix, Nicolai?

    @SilentGhost SilentGhost mannequin removed the 3.9 only security fixes label May 8, 2019
    @niconorsk
    Copy link
    Mannequin Author

    niconorsk mannequin commented May 8, 2019

    I'd be happy too. Would be a first time contribution though, so need to give me some time to figure my way around the process.

    @SilentGhost
    Copy link
    Mannequin

    SilentGhost mannequin commented May 8, 2019

    There are some guidelines available at https://devguide.python.org/pullrequest/

    @methane
    Copy link
    Member

    methane commented May 14, 2019

    New changeset 5e48e3d by Inada Naoki (Nicolai Moore) in branch 'master':
    bpo-36845: validate integer network prefix when constructing IP networks (GH-13298)
    5e48e3d

    @methane
    Copy link
    Member

    methane commented May 14, 2019

    New changeset 30cccf0 by Inada Naoki (Miss Islington (bot)) in branch '3.7':
    bpo-36845: validate integer network prefix when constructing IP networks (GH-13298)
    30cccf0

    @methane methane closed this as completed May 14, 2019
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    3.7 (EOL) end of life 3.8 only security fixes stdlib Python modules in the Lib dir type-bug An unexpected behavior, bug, or error
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    1 participant
    @methane