Disallow invalid IPv4 in IPv6 parser

[annevk]

Fixes #195.

[annevk]

The reporter still needs to be acknowledged. Tests coming up.

[annevk]

Tests: web-platform-tests/wpt#4513.

[domenic]

This does not appear to give the correct results.

Given input ::1., there should be a failure, but following the new algorithm, there is none:

step 5: pointer = 2, piece pointer = compress pointer = 1

step 6 (main):

• step 4: value = 1, pointer = 3, length = 1
• step 6: c = "." => pointer = 2, ipv4 = true

step 10:

• first round, c = "1"
  • step 3: value = 1, pointer = 3
  • step 4: no failure (c is "." now because pointer incremented in step 3)
  • new step "if dots seen is 3 and c is not the EOF code point, failure": no failure (c is ".", not EOF)
  • new step "if c is "." increase pointer and dots seen by one": pointer is now 4, so c = EOF, so loop exits

[annevk]

Thanks @domenic for the detailed run through. I pushed something that should definitely fail for EOF after ".". (Was hard to wait until Monday for this one.)

[domenic]

All tests now pass!

[rmisev]

Now for invalid IPv4 addresses with more than 3 dots, parser does unnecessary loop and calculations until reaches EOF code point.

I think additional check is required. I created two versions of fix here:

https://github.com/rmisev/url/commits/ipv4-in-ipv6-v1
https://github.com/rmisev/url/commits/ipv4-in-ipv6-v2

[annevk]

I think not failing early is fine. Or is there another test that we would fail with the proposed algorithm?

I like your numbers seen variant though. It seems kinda nice to base it on that.

[rmisev]

I think the point of failure in your algorithm can be Integer overflow in step "4. Set piece to piece × 0x100 + value" (when invalid address has many dots). In some programming languages this can cause a run-time error.

So I preffer numbers seen variant.

[annevk]

That's a good point. @domenic mind reviewing this approach? Sorry about the churn.

[domenic]

Still works.

[annevk]

Thanks a lot for the patch @rmisev!