Checking if FQDN is actually IPv6 address string and handling that case.

src/common/util.c

@@ -976,7 +976,7 @@ string_is_valid_ipv6_address(const char *string)
 {
    struct sockaddr_in sockaddr_dummy;
 
-   return (inet_pton(AF_INET6,string,&sockaddr_dummy) == 1);
+   return (tor_inet_pton(AF_INET6,string,&sockaddr_dummy) == 1);
 }
 
 /** Return true iff <b>string</b> matches a pattern of DNS names

src/or/buffers.c

@@ -2049,7 +2049,8 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
           req->port = ntohs(get_uint16(data+5+len));
           *drain_out = 5+len+2;
 
-          if (string_is_valid_ipv4_address(req->address)) {
+          if (string_is_valid_ipv4_address(req->address) ||
+              string_is_valid_ipv6_address(req->address)) {
             log_unsafe_socks_warning(5,req->address,req->port,safe_socks);
 
             if (safe_socks)

src/test/test_socks.c

@@ -240,6 +240,17 @@ test_socks_5_supported_commands(void *ptr)
             == -1);
   socks_request_clear(socks);
 
+  /* SOCKS 5 should reject RESOLVE [F0] reject for IPv6 address
+   * string if SafeSocks is enabled. */
+
+  ADD_DATA(buf, "\x05\x01\x00");
+  ADD_DATA(buf, "\x05\xF0\x00\x03\x27");
+  ADD_DATA(buf, "2001:0db8:85a3:0000:0000:8a2e:0370:7334");
+  ADD_DATA(buf, "\x01\x02");
+  tt_assert(fetch_from_buf_socks(buf,socks,get_options()->TestSocks,1)
+            == -1);
+  socks_request_clear(socks);
+
   /* SOCKS 5 Send RESOLVE_PTR [F1] for IP address 2.2.2.5 */
   ADD_DATA(buf, "\x05\x01\x00");
   ADD_DATA(buf, "\x05\xF1\x00\x01\x02\x02\x02\x05\x01\x03");