client_host(): Properly handle IPv6 addresses

author Fabian Keil <fk@fabiankeil.de>

Thu, 11 Sep 2025 12:13:57 +0000 (14:13 +0200)

committer Fabian Keil <fk@fabiankeil.de>

Thu, 9 Oct 2025 09:51:07 +0000 (11:51 +0200)
author Fabian Keil <fk@fabiankeil.de>
Thu, 11 Sep 2025 12:13:57 +0000 (14:13 +0200)
committer Fabian Keil <fk@fabiankeil.de>
Thu, 9 Oct 2025 09:51:07 +0000 (11:51 +0200)
diff --git a/parsers.c b/parsers.c

index 8029781..b08c381 100644 (file)
--- a/parsers.c
+++ b/parsers.c
@@ -3763,7 +3763,36 @@ static jb_err client_host(struct client_state *csp, char **header)
        csp->http->hostport = p;
        freez(csp->http->host);
        csp->http->host = q;
-      q = strchr(csp->http->host, ':');
+
+      if (*p == '[')
+      {
+         /* Numeric IPv6 address delimited by brackets */
+         p++;
+
+         q = strchr(p, ']');
+         if (q == NULL)
+         {
+            /* Missing closing bracket */
+            return JB_ERR_PARSE;
+         }
+
+         *q++ = '\0';
+
+         if (*q == '\0')
+         {
+            q = NULL;
+         }
+         else if (*q != ':')
+         {
+            /* Garbage after closing bracket */
+            return JB_ERR_PARSE;
+         }
+      }
+      else
+      {
+         /* Plain non-escaped hostname */
+         q = strchr(csp->http->host, ':');
+      }
        if (q != NULL)
        {
           /* Terminate hostname and evaluate port string */
author	Fabian Keil <fk@fabiankeil.de>
	Thu, 11 Sep 2025 12:13:57 +0000 (14:13 +0200)
committer	Fabian Keil <fk@fabiankeil.de>
	Thu, 9 Oct 2025 09:51:07 +0000 (11:51 +0200)