StrToHostAddr accepts ipv4 octets containing any Pascal number base notation and mathematical signs
Original Reporter info from Mantis: nduffy @solas_agus_dolas
- Reporter name: Noel Duffy
Description:
The StrToHostAddr function in the sockets unit converts IPv4 addresses into their internal representation. It uses the Val function to convert octets from strings to bytes, but Val accepts Pascal notation such as '$' and '0x' prefixes for hexadecimal numbers, % for binary notation, and & for octal notation, and it doesn't check input characters before calling Val.
As a consequence, StrToHostAddr will happily parse and pronounce valid addresses like this:
0xa.3.4.5
9.$c.4.5
%1111.%11001110.30.4
&7.&5.30.4
As long as the value in the octet doesn't overflow the byte, it will be accepted.
Additionally, StrToHostAddr doesn't check the number of digits in an octet. This means arbitrary numbers of leading zeroes can be inserted.
E.g.,
0000002.3.4.5
Finally, mathematical signs are allowed. E.g.,
1.+2.3.4
While negative numbers will also be passed to Val and converted, later validations detect the overflow and so parsing that address will fail. Since the plus doesn't result in an overflow it is accepted.
Steps to reproduce:
StrToHostAddr('0xa.3.4.5')
StrToHostAddr('9.$c.4.5')
StrToHostAddr('%1111.%11001110.30.4')
StrToHostAddr('&7.&5.30.4')
StrToHostAddr('+3.4.5.6')
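
A strict pre-check that callers can apply to untrusted address strings before handing them to StrToHostAddr, shown as an added example (not part of the original report and not code from the FPC sources). The function name IsStrictDottedQuad and the policy of 1 to 3 decimal digits per octet are assumptions; the sample list is constructed from the inputs in this report plus two ordinary addresses.

```pascal
program StrictIPv4Check;
{$mode objfpc}{$H+}

{ Added example: accept only four octets of 1..3 decimal digits, each <= 255.
  Octets are accumulated by hand, so no sign and no $ / 0x / % / & prefix
  is ever interpreted as a number base. }
function IsStrictDottedQuad(const S: string): Boolean;
var
  i, Digits, Octets, Value: Integer;
begin
  Result := False;
  Digits := 0; Octets := 0; Value := 0;
  for i := 1 to Length(S) do
    case S[i] of
      '0'..'9':
        begin
          Inc(Digits);
          Value := Value * 10 + (Ord(S[i]) - Ord('0'));
          { Too many digits (e.g. 0000002) or octet out of byte range. }
          if (Digits > 3) or (Value > 255) then Exit;
        end;
      '.':
        begin
          if Digits = 0 then Exit;   { empty octet, e.g. "1..2.3" }
          Inc(Octets);
          if Octets > 3 then Exit;   { more than four octets }
          Digits := 0; Value := 0;
        end;
    else
      Exit;                          { any other character: + - $ % & x ... }
    end;
  { Exactly three dots seen and the last octet is not empty. }
  Result := (Octets = 3) and (Digits > 0);
end;

const
  { Constructed sample set: the report's inputs plus two ordinary addresses. }
  Samples: array[0..7] of string = (
    '0xa.3.4.5', '9.$c.4.5', '%1111.%11001110.30.4', '&7.&5.30.4',
    '0000002.3.4.5', '1.+2.3.4', '10.3.4.5', '255.255.255.255');
var
  k: Integer;
begin
  for k := Low(Samples) to High(Samples) do
    WriteLn(Samples[k]:24, '  ', IsStrictDottedQuad(Samples[k]));
end.
```

This matters wherever an address string is compared or filtered as text (an allowlist, a blocklist, a log match) before being parsed: a permissive parser lets several spellings resolve to the same host address, so the textual check and the parsed value can disagree.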