github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

Reject proxy requests to 0.0.0.0 as well

Browse Source
This commit is contained in:
Angus Lees 2021-07-30 20:12:48 +10:00
parent 2af53e9f64
commit 05cc0fb1df
2 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/proxy/util/utils.go
View File

@ -97,7 +97,7 @@ func IsProxyableIP(ip string) error {
}
func isProxyableIP(ip net.IP) error {
if ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() || ip.IsInterfaceLocalMulticast() {
if !ip.IsGlobalUnicast() {
return ErrAddressNotAllowed
}
return nil

2
pkg/proxy/util/utils_test.go
View File

@ -103,6 +103,7 @@ func TestIsProxyableIP(t *testing.T) {
ip string
want error
}{
{"0.0.0.0", ErrAddressNotAllowed},
{"127.0.0.1", ErrAddressNotAllowed},
{"127.0.0.2", ErrAddressNotAllowed},
{"169.254.169.254", ErrAddressNotAllowed},
@ -112,6 +113,7 @@ func TestIsProxyableIP(t *testing.T) {
{"192.168.0.1", nil},
{"172.16.0.1", nil},
{"8.8.8.8", nil},
{"::", ErrAddressNotAllowed},
{"::1", ErrAddressNotAllowed},
{"fe80::", ErrAddressNotAllowed},
{"ff02::", ErrAddressNotAllowed},