Reject octal zeros in IPv4 addresses #86984
(rust-highfive has picked a reviewer for you, use r? to override) |
I understand we're currently a bit "loose" here, but is there any practical difference? It's a numeric 0 either way you look at it. So with your change, we would stop accepting octal zeros just for the sake of strictness? |
The documentation for The documentation also clearly cites IETF RFC 6943, but Section 3.1.1. in that RFC defines the "strict" form—the form that forbids other numeral systems (e.g., base-8)—as 4 octets in decimal notation separated by a "." such that each octet is between one and three digits. The current behavior doesn't conform to any obvious standard. Apparently other languages default to interpreting any integer with padded To me if for some reason we want to forbid |
AIUI, it was defined in POSIX that a leading You could debate whether |
Hm, maybe this is yet another area where my math background is biting me in the butt because it's rather foreign to me to treat leading |
Octal
(which does mean a lone |
The docs should probably be clarified: the octets are in decimal notation, and leading 0s are disallowed (except, as usual, for a plain This almost matches current behavior, except for (I don't have an opinion between these two options, but this PR does not update the docs so IMO it is incomplete either way.)
I'm not disagreeing, but this is what other parts of the ecosystem do. It is much better for Rust to reject The docs possibly should say that this is why leading 0s are rejected. |
That is perfectly OK to me. While I would prefer something like
I absolutely agree. I was not aware POSIX stated that leading 0s meant base-8 until @cuviper pointed that out (i.e., my "complaint" would have been purely about the documentation and nothing else had I known this). I admit that I am probably in the minority when it comes to my background as a Rustacean. I've never written a line of assembly, C, C++, or kernel code in my life—something I'm not proud of, but c'est la vie—so it very well could be the case that "decimal notation" obviously means "mathematical base-10 with the added restriction that leading 0s are not allowed with the exception of 0 itself which is allowed to have any non-negative integer amount of leading 0s" to the majority of other Rustaceans. Also want to add that what's considered "pedantry" to one may not be "pedantry" to another. While my 30+ years on this planet have shown me that my brain is wired very differently than most, I don't think this is an example of my brain thinking that differently. Case in point, I have a .CSV file of IPv4 addresses. Each row contains exactly 16 UTF-8 code units—with the last Unicode scalar value being a newline (i.e., U+000A). Based on the documentation, I wrote code that used this parsing algorithm; but of course, I was dismayed when I saw it fail. Ideally when one reads the documentation, they should have a good sense of the invariants and what's supposed to work and not. Obviously it didn't take long for me to change my implementation, but it would have been nice if I knew something like |
I don't think it does. :) Leading 0s being code for "base 8" is a weird C thing that Rust did not do for its own integer literals, but that doesn't help us here. And either way the docs should be understandable for people with lots of different backgrounds, so if it is confusing for some, we should fix that! It's near impossible for one person (whoever writes the docs) to foresee all the ways it can be misleading, which is why documentation feedback and bug reports are extremely valuable. :) So, we are in full agreement that the docs should document this more clearly. Usually, leading 0s are allowed, as you pointed out in your bug report. |
What I could imagine being useful (but I am not a libs person) is a parsing function that explicitly is not POSIX compatible, and that does interpret I am honestly quite shocked that POSIX would interpret this as
|
The way octal literals are written in IP addresses differs from the way they are written in Rust code, so the way that octal/hex literals in IPs are written is explicitly mentioned.
I've updated the documentation for |
Now that there can't be a bunch of leading zeros, parsing can be optimized a bit.
Now this probably is a pedantic request—thus something I am not that passionate about and OK with not doing—but an example like the parsing of Once I know how to do "pull requests", I won't ask others to do such a thing. |
Does this require libs team signoff or an fcp or something? This is another breaking change after the one that rejected the octal notation. I've encountered the regression at work and will probably encounter this one too when it's available in stable. That being said, I think the PR does make things more consistent and coherent. |
r? @joshtriplett for libs-api(?) examination of this issue. I think it probably merits an FCP, at least... |
Co-authored-by: Cheng XU <[email protected]>
I think we should go ahead with this change. @rfcbot merge |
Team member @joshtriplett has proposed to merge this. The next step is review by the rest of the tagged team members: No concerns currently listed. Once a majority of reviewers approve (and at most 2 approvals are outstanding), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up! See this document for info about what commands tagged team members can give me. |
I was personally somewhat on the side of just interpreting octets as decimal, even with a leading zero, POSIX be damned. But one thing that convinced me otherwise was the fact that, well, those leading zeroes are indeed interpreted as indicating octal base in many other places. So if our routine accepts the same IP but gives a different result than others, that could indeed be quite surprising. So I think it's the right decision to fail here. (Or alternatively, just implement octal support.) (I am not aware of the history of rejecting octal in this routine, so I may just be re-treading old ground, but wanted to mention it since there was some discussion above.) |
🔔 This is now entering its final comment period, as per the review above. 🔔 |
The final comment period, with a disposition to merge, as per the review above, is now complete. As the automated representative of the governance process, I would like to thank the author for their work and everyone else who contributed. This will be merged soon. |
@bors r+ |
📌 Commit 403d269 has been approved by |
Reject octal zeros in IPv4 addresses This fixes rust-lang#86964 by rejecting octal zeros in IP addresses, such that `192.168.00.00000000` is rejected with a parse error, since having leading zeros in front of another zero indicates it is a zero written in octal notation, which is not allowed in the strict mode specified by RFC 6943 3.1.1. Octal rejection was implemented in rust-lang#83652, but due to the way it was implemented octal zeros were still allowed.
Rollup of 14 pull requests

Successful merges:

- rust-lang#86984 (Reject octal zeros in IPv4 addresses)
- rust-lang#87440 (Remove unnecessary condition in Barrier::wait())
- rust-lang#88644 (`AbstractConst` private fields)
- rust-lang#89292 (Stabilize CString::from_vec_with_nul[_unchecked])
- rust-lang#90010 (Avoid overflow in `VecDeque::with_capacity_in()`.)
- rust-lang#90029 (Add test for debug logging during incremental compilation)
- rust-lang#90031 (config: add the option to enable LLVM tests)
- rust-lang#90048 (Add test for line-number setting)
- rust-lang#90071 (Remove hir::map::blocks and use FnKind instead)
- rust-lang#90074 (2229 migrations small cleanup)
- rust-lang#90077 (Make `From` impls of NonZero integer const.)
- rust-lang#90097 (Add test for duplicated sidebar entries for reexported macro)
- rust-lang#90098 (Add test to ensure that the missing_doc_code_examples is not triggered on foreign trait implementations)
- rust-lang#90099 (Fix MIRI UB in `Vec::swap_remove`)

Failed merges:

r? `@ghost` `@rustbot` modify labels: rollup
This fixes #86964 by rejecting octal zeros in IP addresses, such that `192.168.00.00000000` is rejected with a parse error, since having leading zeros in front of another zero indicates it is a zero written in octal notation, which is not allowed in the strict mode specified by RFC 6943 3.1.1. Octal rejection was implemented in #83652, but due to the way it was implemented octal zeros were still allowed.
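
The rule discussed in this thread, as an added example that is not code from the PR or from the standard library: `parse_strict` follows the strict form of RFC 6943 3.1.1, and `parse_octal_aware` is a hypothetical lenient reader (an assumption, simplified to four-part input) that treats a leading 0 as base 8. Run side by side on constructed inputs, they show why a parser that accepts a leading zero can disagree with another parser about which address a string names.

```rust
use std::net::Ipv4Addr;

/// Strict form from RFC 6943 section 3.1.1: four decimal octets of one to
/// three digits each, with no leading zero except a lone "0".
fn parse_strict(s: &str) -> Option<Ipv4Addr> {
    let mut octets = [0u8; 4];
    let mut parts = s.split('.');
    for slot in octets.iter_mut() {
        let part = parts.next()?;
        let shape_ok = (1..=3).contains(&part.len())
            && part.bytes().all(|b| b.is_ascii_digit());
        // "00", "01" and "000" are refused: a leading 0 is how octal is spelled.
        if !shape_ok || (part.len() > 1 && part.starts_with('0')) {
            return None;
        }
        *slot = part.parse::<u8>().ok()?; // values above 255 fail here
    }
    if parts.next().is_some() { return None; } // more than four parts
    Some(Ipv4Addr::from(octets))
}

/// Hypothetical lenient reader (assumption, not a real API): a leading 0
/// selects base 8. Four-part input only; hex and short forms are left out.
fn parse_octal_aware(s: &str) -> Option<Ipv4Addr> {
    let mut octets = [0u8; 4];
    let mut parts = s.split('.');
    for slot in octets.iter_mut() {
        let part = parts.next()?;
        if !part.bytes().all(|b| b.is_ascii_digit()) {
            return None; // also keeps from_str_radix from accepting a "+" sign
        }
        let (digits, radix) = match part.strip_prefix('0') {
            Some(rest) if !rest.is_empty() => (rest, 8),
            _ => (part, 10),
        };
        *slot = u8::from_str_radix(digits, radix).ok()?;
    }
    if parts.next().is_some() { return None; }
    Some(Ipv4Addr::from(octets))
}

fn main() {
    // Constructed sample inputs, not taken from any real log.
    for s in ["192.168.0.1", "192.168.00.00000000", "010.0.0.1"] {
        println!("{:>20} strict={:?} octal-aware={:?} std={:?}", s,
            parse_strict(s), parse_octal_aware(s), s.parse::<Ipv4Addr>().ok());
    }
}
```

An allow-list or deny-list check is only sound when it runs on the value returned by the same parser that the connecting code uses, which is the case for rejecting ambiguous input outright.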