- Keshav Krity found out that libcurl failed to deal with dotted IPv6

  addresses if they were very long (>39 letters) due to a too strict address
  validity parser. It now accepts addresses up to 45 bytes long.

3 files changed, 9 insertions, 2 deletions

diff --git a/CHANGES b/CHANGES
index 0f0f7029c..b428af81c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,11 @@
                                   Changelog
 
 Daniel Stenberg (11 Dec 2008)
+- Keshav Krity found out that libcurl failed to deal with dotted IPv6
+  addresses if they were very long (>39 letters) due to a too strict address
+  validity parser. It now accepts addresses up to 45 bytes long.
+
+Daniel Stenberg (11 Dec 2008)
 - Internet Explorer had a broken HTTP digest authentication before v7 and
   there are servers "out there" that relies on the client doing this broken
   Digest authentication. Apache even comes with an option to work with such
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 06e3893d5..da0d98ba9 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -27,6 +27,7 @@ This release includes the following bugfixes:
  o GSS authentication infinite loop problem
  o 550 response from SIZE no longer treated as missing file
  o ftps:// control connections now use explicit protection level
+ o dotted IPv6 addresses longer than 39 bytes failed
 
 This release includes the following known bugs:
 
@@ -37,6 +38,6 @@ advice from friends like these:
 
  Yang Tse, Daniel Fandrich, Jim Meyering, Christian Krause, Andreas Wurf,
  Markus Koetter, Josef Wolf, Vlad Grachov, Pawel Kierski, Igor Novoseltsev,
- Fred Machado, Ken Hirsch
+ Fred Machado, Ken Hirsch, Keshav Krity
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/url.c b/lib/url.c
index 1cf8b08da..3e2b14e9d 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3724,7 +3724,8 @@ static CURLcode parse_remote_port(struct SessionHandle *data,
   char *portptr;
   char endbracket;
 
-  if((1 == sscanf(conn->host.name, "[%*39[0123456789abcdefABCDEF:.%]%c", &endbracket)) &&
+  if((1 == sscanf(conn->host.name, "[%*45[0123456789abcdefABCDEF:.%]%c",
+                  &endbracket)) &&
      (']' == endbracket)) {
     /* this is a RFC2732-style specified IP-address */
     conn->bits.ipv6_ip = TRUE;