Reject non-IPv4 hostnames that end in numbers.

Author: F3n67u

src/node_url.cc

@@ -3,6 +3,7 @@
 #include "node_errors.h"
 #include "node_external_reference.h"
 #include "node_i18n.h"
+#include "util.h"
 #include "util-inl.h"
 
 #include <cmath>
@@ -58,7 +59,7 @@ class URLHost {
  public:
   ~URLHost();
 
-  void ParseIPv4Host(const char* input, size_t length, bool* is_ipv4);
+  void ParseIPv4Host(const char* input, size_t length);
   void ParseIPv6Host(const char* input, size_t length);
   void ParseOpaqueHost(const char* input, size_t length);
   void ParseHost(const char* input,
@@ -401,9 +402,37 @@ int64_t ParseNumber(const char* start, const char* end) {
   return strtoll(start, nullptr, R);
 }
 
-void URLHost::ParseIPv4Host(const char* input, size_t length, bool* is_ipv4) {
+// https://url.spec.whatwg.org/#ends-in-a-number-checker
+bool EndsInANumber(std::string& str) {
+  std::vector<std::string> parts = SplitString(str, '.', false);
+  if (parts.size() == 0)
+    return false;
+
+  if (parts.back() == "") {
+    if (parts.size() == 1)
+      return false;
+    parts.pop_back();
+  }
+
+  const std::string& last = parts.back();
+
+  if (last == "")
+    return false;
+
+  int64_t num = ParseNumber(last.c_str(), last.c_str() + last.size());
+  if (num >= 0)
+    return true;
+
+  if (last.find_first_not_of("0123456789") == std::string::npos) {
+    return true;
+  }
+
+  return false;
+}
+
+
+void URLHost::ParseIPv4Host(const char* input, size_t length) {
   CHECK_EQ(type_, HostType::H_FAILED);
-  *is_ipv4 = false;
   const char* pointer = input;
   const char* mark = input;
   const char* end = pointer + length;
@@ -436,7 +465,6 @@ void URLHost::ParseIPv4Host(const char* input, size_t length, bool* is_ipv4) {
     pointer++;
   }
   CHECK_GT(parts, 0);
-  *is_ipv4 = true;
 
   // If any but the last item in numbers is greater than 255, return failure.
   // If the last item in numbers is greater than or equal to
@@ -508,11 +536,10 @@ void URLHost::ParseHost(const char* input,
     }
   }
 
-  // Check to see if it's an IPv4 IP address
-  bool is_ipv4;
-  ParseIPv4Host(decoded.c_str(), decoded.length(), &is_ipv4);
-  if (is_ipv4)
-    return;
+  // If domain ends in a number, then return the result of IPv4 parsing domain
+  if (EndsInANumber(decoded)) {
+    return ParseIPv4Host(decoded.c_str(), decoded.length());
+  }
 
   // If the unicode flag is set, run the result through punycode ToUnicode
   if (unicode && !ToUnicode(decoded, &decoded))

src/util.cc

@@ -164,15 +164,15 @@ std::string GetHumanReadableProcessName() {
   return SPrintF("%s[%d]", GetProcessTitle("Node.js"), uv_os_getpid());
 }
 
-std::vector<std::string> SplitString(const std::string& in, char delim) {
+std::vector<std::string> SplitString(const std::string& in, char delim, bool skipEmpty) {
   std::vector<std::string> out;
   if (in.empty())
     return out;
   std::istringstream in_stream(in);
   while (in_stream.good()) {
     std::string item;
     std::getline(in_stream, item, delim);
-    if (item.empty()) continue;
+    if (item.empty() && skipEmpty) continue;
     out.emplace_back(std::move(item));
   }
   return out;

src/util.h

@@ -645,7 +645,7 @@ struct FunctionDeleter {
 template <typename T, void (*function)(T*)>
 using DeleteFnPtr = typename FunctionDeleter<T, function>::Pointer;
 
-std::vector<std::string> SplitString(const std::string& in, char delim);
+std::vector<std::string> SplitString(const std::string& in, char delim, bool skipEmpty = true);
 
 inline v8::MaybeLocal<v8::Value> ToV8Value(v8::Local<v8::Context> context,
                                            std::string_view str,