1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
[
{
"description": "validation of IP addresses",
"schema": { "format": "ipv4" },
"tests": [
{
"description": "all string formats ignore integers",
"data": 12,
"valid": true
},
{
"description": "all string formats ignore floats",
"data": 13.7,
"valid": true
},
{
"description": "all string formats ignore objects",
"data": {},
"valid": true
},
{
"description": "all string formats ignore arrays",
"data": [],
"valid": true
},
{
"description": "all string formats ignore booleans",
"data": false,
"valid": true
},
{
"description": "all string formats ignore nulls",
"data": null,
"valid": true
},
{
"description": "a valid IP address",
"data": "192.168.0.1",
"valid": true
},
{
"description": "an IP address with too many components",
"data": "127.0.0.0.1",
"valid": false
},
{
"description": "an IP address with out-of-range values",
"data": "256.256.256.256",
"valid": false
},
{
"description": "an IP address without 4 components",
"data": "127.0",
"valid": false
},
{
"description": "an IP address as an integer",
"data": "0x7f000001",
"valid": false
},
{
"description": "an IP address as an integer (decimal)",
"data": "2130706433",
"valid": false
},
{
"description": "leading zeroes should be rejected, as they are treated as octals",
"comment": "see https://sick.codes/universal-netmask-npm-package-used-by-270000-projects-vulnerable-to-octal-input-data-server-side-request-forgery-remote-file-inclusion-local-file-inclusion-and-more-cve-2021-28918/",
"data": "087.10.0.1",
"valid": false
},
{
"description": "value without leading zero is valid",
"data": "87.10.0.1",
"valid": true
},
{
"description": "non-ascii digits should be rejected",
"data": "1২7.0.0.1",
"valid": false
}
]
}
]
|