[Mimedefang] [Patch] relay_is_* not ipv6 friendly (IPv4 Compatible "patch")

[-]

--- On Wed, 2/3/10, David F. Skoll <dfs at roaringpenguin.com> wrote:
> Here's my compromise on the IPv4-mapped IPv6 address question:
> 
>         if (tmp) {
>         if (IN6_IS_ADDR_V4MAPPED(&in6sa->sin6_addr) ||
>             IN6_IS_ADDR_V4COMPAT(&in6sa->sin6_addr)) {
>             if (strchr(data->hostip, '.')) {
>             char const *lastcolon = strrchr(data->hostip, ':');
>             char *dst = data->hostip;
>             while(lastcolon) {
>                 lastcolon++;
>                 *dst++ = *lastcolon;
>                 if (!*lastcolon) break;
>             }
>             }
>         }
>         }

Comments:

>             if (strchr(data->hostip, '.')) {

This conditional is redundant.  IF we have a V4 embedded address, we already know this is true (for all machine-generated text address forms).

....
            char const *lastcolon = strrchr(data->hostip, ':');
            if (lastcolon)
                strncpy((char *)data->hostip,++lastcolon,16);
            }
....

We don't need the while loop which is UNBOUNDED by length.  Text IPv4 addresses are never longer than 16 characters including the terminator.  With memory corruption, your while loop could run forever/indefinently, while strncpy will always terminate.  If it weren't for the fact that the address source is from a library routine, I would have suggested length checking too.

I wasn't certain if the type-casting on data->hostip was needed, so I did it anyway.

> So we only do the evil hack if IN6_IS_ADDR_V4MAPPED or
> IN6_IS_ADDR_V4COMPAT returns true.  I think that should be pretty
> safe... if we can't trust our system's own inet_ntop function, we're
> in trouble anyway.

I agree.