0.0.0.0 Day - 18 Yr Old Vulnerability Let Attackers Bypass All Browser Security - eviltoast
  • dan@upvote.au
    link
    fedilink
    arrow-up
    6
    ·
    edit-2
    3 months ago

    it makes connecting to localhost as easy as http://0:8080/ (for port 8080, but omit for port 80).

    The thing is that it’s not supposed to work, so it’s essentially relying on undefined behaviour. Typing [::1]:8080 is nearly as easy.

    skimming through these PRs, at least for WebKit, I don’t see tests for shorthand IPs like 0 (and no Apple device to test with). What are the chances they missed those…?

    I haven’t seen the PRs, but IP comparison should really be using the binary form of the IPv4 address (a 32-bit number), not the human-friendly form.