HostAndPort IP-literal parsing should validate the in square bracketted content matches IPv6address or IPvFuture production rules.

vietj · vietj · commit 7f0a04cd2303 · 2025-12-10T00:45:26.000+01:00
Motivation:

The HostAndPort IP-literal parser attempts to find content between square brackets, it should ensure that the enclosed content matches production rule.

Changes:

Implement IPv6address and IPvFuture parsing and use it when parsing IP-literal.
diff --git a/vertx-core/src/main/java/io/vertx/core/http/impl/UriParser.java b/vertx-core/src/main/java/io/vertx/core/http/impl/UriParser.java
@@ -81,7 +81,16 @@ public static int parseRegName(String s, int from, int to) {
    * @return the index after parsing or {@code -1} if the value is invalid
    */
   public static int parseIPLiteral(String s, int from, int to) {
-    return from + 2 < to && s.charAt(from) == '[' ? foo(s.indexOf(']', from + 2)) : -1;
+    if (from < to && s.charAt(from++) == '[') {
+      int idx = parseIPv6Address(s, from, to);
+      if (idx == -1) {
+        idx = parseIPvFuture(s, from, to);
+      }
+      if (idx != -1 && idx < to && s.charAt(idx++) == ']') {
+        return idx;
+      }
+    }
+    return -1;
   }
 
   private static int foo(int v) {
@@ -127,6 +136,198 @@ public static int parseIPv4Address(String s, int from, int to) {
     return from;
   }
 
+  /**
+   * Try to parse the <i>IPv6address</i> rule as per
+   * <a href="https://datatracker.ietf.org/doc/html/rfc3986#appendix-A">RFC3986</a>.
+   *
+   * @param s a string containing the value to parse
+   * @param from the index at which parsing begins
+   * @param to the index at which parsing ends
+   * @return the index after parsing or {@code -1} if the value is invalid
+   */
+  public static int parseIPv6Address(String s, int from, int to) {
+    int doubleColonIdx = s.indexOf("::", from);
+    if (doubleColonIdx == -1 || (doubleColonIdx + 2) > to) {
+      // Rule1
+      for (int i = 0;i < 6;i++) {
+        from = parseH16(s, from, to);
+        if (from == -1) {
+          return -1;
+        }
+        from = _parseColon(s, from, to);
+        if (from == -1) {
+          return -1;
+        }
+      }
+      return parseLs32(s, from, to);
+    }
+
+    // To ease parsing we use the first colon (:) or double colon (::)
+    // e.g. "0::" = "0:" + ":"
+    //      "0:1:2:3::" = "0:1:2:3:" + ":"
+    int a = doubleColonIdx + 1;
+    int count1 = 0;
+    while (true) {
+      from = parseH16(s, from, a);
+      if (from == -1) {
+        break;
+      }
+      from = _parseColon(s, from, a);
+      if (from == -1) {
+        return -1;
+      }
+      count1++;
+    }
+
+    int count2 = 0;
+    from = doubleColonIdx + 2;
+    while (true) {
+      int idx = parseH16(s, from, to);
+      if (idx == -1) {
+        break;
+      }
+      idx = _parseColon(s, idx, to);
+      if (idx == -1) {
+        break;
+      }
+      from = idx;
+      count2++;
+    }
+    int idx;
+    if ((idx = parseIPv4Address(s, from, to)) != -1) {
+      //
+    } else if ((idx = parseH16(s, from, to)) != -1) {
+      count2--;
+    } else {
+      // Rule 9
+      return count1 <= 7 ? from : -1;
+    }
+    from = idx;
+
+
+    switch (count2) {
+      case 5:
+        // Rule 2
+        return count1 == 0 ? from : -1;
+      case 4:
+        // Rule 3
+        return count1 <= 1 ? from : -1;
+      case 3:
+        // Rule 4
+        return count1 <= 2 ? from : -1;
+      case 2:
+        // Rule 5
+        return count1 <= 3 ? from : -1;
+      case 1:
+        // Rule 6
+        return count1 <= 4 ? from : -1;
+      case 0:
+        // Rule 7
+        return count1 <= 5 ? from : -1;
+      case -1:
+        // Rule 8
+        return count1 <= 6 ? from : -1;
+      default:
+        throw new AssertionError();
+    }
+  }
+
+  public static int _parseColon(String s, int from, int to) {
+    return from < to && s.charAt(from) == ':' ? from + 1 : -1;
+  }
+
+  public static int _parseDoubleColon(String s, int from, int to) {
+    return from + 1 < to && s.charAt(from) == ':' && s.charAt(from + 1) == ':' ? from + 2 : -1;
+  }
+
+  /**
+   * Try to parse the <i>ls32</i> rule as per
+   * <a href="https://datatracker.ietf.org/doc/html/rfc3986#appendix-A">RFC3986</a>.
+   *
+   * @param s a string containing the value to parse
+   * @param from the index at which parsing begins
+   * @param to the index at which parsing ends
+   * @return the index after parsing or {@code -1} if the value is invalid
+   */
+  public static int parseLs32(String s, int from, int to) {
+    int idx = _parseH16ColonH16(s, from, to);
+    if (idx == -1) {
+      idx = parseIPv4Address(s, from, to);
+    }
+    return idx;
+  }
+
+  public static int _parseH16ColonH16(String s, int from, int to) {
+    int idx = parseH16(s, from, to);
+    if (idx == -1) {
+      return -1;
+    }
+    from = idx;
+    if (from >= to || s.charAt(from++) != ':') {
+      return -1;
+    }
+    return parseH16(s, from, to);
+  }
+
+  /**
+   * Try to parse the <i>h16</i> rule as per
+   * <a href="https://datatracker.ietf.org/doc/html/rfc3986#appendix-A">RFC3986</a>.
+   *
+   * @param s a string containing the value to parse
+   * @param from the index at which parsing begins
+   * @param to the index at which parsing ends
+   * @return the index after parsing or {@code -1} if the value is invalid
+   */
+  public static int parseH16(String s, int from, int to) {
+    if (from >= to || !isHEXDIG(s.charAt(from++))) {
+      return -1;
+    }
+    for (int i = 0;i < 3;i++) {
+      if (from < to && isHEXDIG(s.charAt(from))) {
+        from++;
+      }
+    }
+    return from;
+  }
+
+  /**
+   * Try to parse the <i>IPvFuture</i> rule as per
+   * <a href="https://datatracker.ietf.org/doc/html/rfc3986#appendix-A">RFC3986</a>.
+   *
+   * @param s a string containing the value to parse
+   * @param from the index at which parsing begins
+   * @param to the index at which parsing ends
+   * @return the index after parsing or {@code -1} if the value is invalid
+   */
+  public static int parseIPvFuture(String s, int from, int to) {
+    if (from >= to || s.charAt(from++) != 'v') {
+      return -1;
+    }
+    if (from >= to || !isHEXDIG(s.charAt(from++))) {
+      return -1;
+    }
+    while (from < to) {
+      if (isHEXDIG(s.charAt(from))) {
+        // Continue
+        from++;
+      } else {
+        break;
+      }
+    }
+    if (from >= to || s.charAt(from++) != '.') {
+      return -1;
+    }
+    int count = 0;
+    char c;
+    while ((from + count) < to && (isUnreserved(c = s.charAt(from + count)) || isSubDelims(c) || c == ':')) {
+      count++;
+    }
+    if (count == 0) {
+      return -1;
+    }
+    return from + count;
+  }
+
   /**
    * Try to parse the <i>dec-octet</i> rule as per
    * <a href="https://datatracker.ietf.org/doc/html/rfc3986#appendix-A">RFC3986</a>.
diff --git a/vertx-core/src/test/java/io/vertx/tests/net/HostAndPortTest.java b/vertx-core/src/test/java/io/vertx/tests/net/HostAndPortTest.java
@@ -16,8 +16,8 @@ public void testParseIPLiteral() {
     Assert.assertEquals(-1, UriParser.parseIPLiteral("", 0, 0));
     assertEquals(-1, UriParser.parseIPLiteral("[", 0, 1));
     assertEquals(-1, UriParser.parseIPLiteral("[]", 0, 2));
-    assertEquals(3, UriParser.parseIPLiteral("[0]", 0, 3));
-    assertEquals(-1, UriParser.parseIPLiteral("[0", 0, 2));
+    assertEquals(4, UriParser.parseIPLiteral("[::]", 0, 4));
+    assertEquals(-1, UriParser.parseIPLiteral("[::", 0, 3));
   }
 
   @Test
@@ -55,6 +55,90 @@ public void testParseRegName() {
     assertEquals(15, UriParser.parseRegName("10.0.0.1.nip.io", 0, 15));
   }
 
+  @Test
+  public void testParseIPvFuture() {
+    assertEquals(6, UriParser.parseIPvFuture("v123.a", 0, 6));
+    assertEquals(6, UriParser.parseIPvFuture("v123.:", 0, 6));
+    assertEquals(6, UriParser.parseIPvFuture("v123.!", 0, 6));
+  }
+
+  @Test
+  public void testParseIPv6Address() {
+    // Rule 1
+    assertIPv6Address("0:1:2:3:4:5:1.1.1.1");
+    assertIPv6Address("0:1:2:3:4:5:7:8");
+    // Rule 2
+    assertIPv6Address("::0:1:2:3:4:1.1.1.1");
+    assertIPv6Address("::0:1:2:3:4:5:6");
+    // Rule 3
+    assertIPv6Address("0::0:1:2:3:1.1.1.1");
+    assertIPv6Address("0::0:1:2:3:4:5");
+    assertIPv6Address("::0:1:2:3:1.1.1.1");
+    assertIPv6Address("::0:1:2:3:4:5");
+    // Rule 4
+    assertIPv6Address("0:1::0:1:2:1.1.1.1");
+    assertIPv6Address("0:1::0:1:2:3:4");
+    assertIPv6Address("0::0:1:2:1.1.1.1");
+    assertIPv6Address("0::0:1:2:3:4");
+    assertIPv6Address("::0:1:2:1.1.1.1");
+    assertIPv6Address("::0:1:2:3:4");
+    // Rule 5
+    assertIPv6Address("0:1:2::0:1:1.1.1.1");
+    assertIPv6Address("0:1:2::0:1:2:3");
+    assertIPv6Address("0:1::0:1:1.1.1.1");
+    assertIPv6Address("0:1::0:1:2:3");
+    assertIPv6Address("0::0:1:1.1.1.1");
+    assertIPv6Address("0::0:1:2:3");
+    assertIPv6Address("::0:1:1.1.1.1");
+    assertIPv6Address("::0:1:2:3");
+    // Rule 6
+    assertIPv6Address("0:1:2:3::0:1.1.1.1");
+    assertIPv6Address("0:1:2:3::0:1:2");
+    assertIPv6Address("0:1:2::0:1.1.1.1");
+    assertIPv6Address("0:1:2::0:1:2");
+    assertIPv6Address("0:1::0:1.1.1.1");
+    assertIPv6Address("0:1::0:1:2");
+    assertIPv6Address("0::0:1.1.1.1");
+    assertIPv6Address("0::0:1:2");
+    assertIPv6Address("::0:1.1.1.1");
+    assertIPv6Address("::0:1:2");
+    // Rule 7
+    assertIPv6Address("0:1:2:3:4::1.1.1.1");
+    assertIPv6Address("0:1:2:3:4::0:1");
+    assertIPv6Address("0:1:2:3::1.1.1.1");
+    assertIPv6Address("0:1:2:3::0:1");
+    assertIPv6Address("0:1:2::1.1.1.1");
+    assertIPv6Address("0:1:2::0:1");
+    assertIPv6Address("0:1::1.1.1.1");
+    assertIPv6Address("0:1::0:1");
+    assertIPv6Address("0::1.1.1.1");
+    assertIPv6Address("0::0:1");
+    assertIPv6Address("::1.1.1.1");
+    assertIPv6Address("::0:1");
+    // Rule 8
+    assertIPv6Address("0:1:2:3:4:5::0");
+    assertIPv6Address("0:1:2:3:4::0");
+    assertIPv6Address("0:1:2:3::0");
+    assertIPv6Address("0:1:2::0");
+    assertIPv6Address("0:1::0");
+    assertIPv6Address("0::0");
+    assertIPv6Address("::0");
+    // Rule 9
+    assertIPv6Address("0:1:2:3:4:5:6::");
+    assertIPv6Address("0:1:2:3:4:5::");
+    assertIPv6Address("0:1:2:3:4::");
+    assertIPv6Address("0:1:2:3::");
+    assertIPv6Address("0:1:2::");
+    assertIPv6Address("0:1::");
+    assertIPv6Address("0::");
+    assertIPv6Address("::");
+  }
+
+  private void assertIPv6Address(String address) {
+    int len = UriParser.parseIPv6Address(address, 0, address.length());
+    assertEquals(len, address.length());
+  }
+
   @Test
   public void testParseHost() {
     assertEquals(14, UriParser.parseHost("example-fr.com", 0, 14));
@@ -65,6 +149,39 @@ public void testParseHost() {
     assertEquals(8, UriParser.parseHost("10.0.0.1:8080", 0, 15));
   }
 
+  @Test
+  public void testParseH16() {
+    assertEquals(-1, UriParser.parseH16("", 0, 0));
+    assertEquals(-1, UriParser.parseH16("Z", 0, 1));
+    for (int i = 0;i < 0xFFFF;i++) {
+      String s = Integer.toHexString(i);
+      assertEquals(s.length(), UriParser.parseH16(s, 0, s.length()));
+    }
+    assertEquals(4, UriParser.parseH16("FFFFF", 0, 5));
+  }
+
+  @Test
+  public void testParseDoubleColon() {
+    assertEquals(2, UriParser._parseDoubleColon("::", 0, 2));
+    assertEquals(-1, UriParser._parseDoubleColon(":", 0, 1));
+    assertEquals(-1, UriParser._parseDoubleColon(":a", 0, 2));
+  }
+
+  @Test
+  public void testParseH16ColonH16() {
+    assertEquals(3, UriParser._parseH16ColonH16("0:0", 0, 3));
+    assertEquals(-1, UriParser._parseH16ColonH16("0:", 0, 2));
+    assertEquals(6, UriParser._parseH16ColonH16("0:FFFF", 0, 6));
+  }
+
+  @Test
+  public void testParseLs32() {
+    assertEquals(3, UriParser.parseLs32("0:0", 0, 3));
+    assertEquals(6, UriParser.parseLs32("0:FFFF", 0, 6));
+    assertEquals(7, UriParser.parseLs32("0.0.0.0", 0, 7));
+    assertEquals(11, UriParser.parseLs32("192.168.0.1", 0, 11));
+  }
+
   @Test
   public void testParseHostAndPort() {
     assertHostAndPort("10.0.0.1.nip.io", -1, "10.0.0.1.nip.io");
