
fix: uninitialized read in ipv6_address_rule when "." has no preceding h16 #994

Merged
alandefreitas merged 5 commits into boostorg:develop from alandefreitas:develop
May 13, 2026

alandefreitas (Member) commented May 8, 2026

fix #993

Parsing a URI whose IPv6 host contains "." with no preceding h16 (for example "https://[::.") read uninitialized memory. The IPv6 rule's bytes buffer is filled as h16 groups are parsed; when a "." was encountered immediately after "::" (or at the very start), the parser tried to validate it as the first octet of an embedded IPv4 by calling maybe_octet(&bytes[2*(7-n)]), but those bytes had never been written.

In a constexpr context the compiler catches this as a hard error (the example from the issue):

constexpr boost::urls::url_view Parsed =
    boost::urls::parse_uri("https://[::.").value();

At runtime it is undefined behavior.

The fix: In include/boost/url/rfc/impl/ipv6_address_rule.hpp, the "." branch now returns error::invalid before the maybe_octet read when no h16 has been parsed in the current segment. The parser already maintains a flag c that means "an h16 was parsed in the current segment" (set true after each h16, reset to false after "::"), which is exactly the condition needed.

if(*it == '.')
{
    if(b == -1 && n > 1) { /* not enough h16 */ ... }
    if(! c)
    {
        // missing h16 before "."
        BOOST_URL_CONSTEXPR_RETURN_EC(grammar::error::invalid);
    }
    if(! detail::maybe_octet(&bytes[2*(7-n)])) { ... }
    ...
}

This eliminates the uninitialized read on every reachable path while preserving acceptance of valid inputs like ::1.2.3.4 (where c is true after parsing the leading 1).
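
An added example, not part of the pull request or of Boost.URL's code: a reduced C++ model of the bookkeeping described above (n, b, c and the 16-byte buffer), where a shadow bitmap records which buffer slots an h16 has filled so that a read of a never-written slot is reported instead of performed. The names parse_model, Outcome and written are this example's own, and the IPv4 tail after "." is not parsed.

```cpp
#include <bitset>
#include <cctype>
#include <cstddef>
#include <string>

// Outcomes of this reduced model (example names, not Boost.URL's).
enum class Outcome { accepted, rejected, octet_read_ok, unwritten_read };

// Walks an IPv6 literal with the page's bookkeeping. `written` shadows the
// byte buffer; guard=true applies the `if(! c)` check described on the page.
Outcome parse_model(const std::string& s, bool guard)
{
    std::bitset<16> written;  // slots of the 16-byte buffer filled so far
    int n = 8;                // h16 groups still needed
    int b = -1;               // value of n when "::" was seen
    bool c = false;           // an h16 was parsed in the current segment
    std::size_t i = 0;
    while (n > 0 && i < s.size()) {
        if (s[i] == '.') {
            if (b == -1 && n > 1) return Outcome::rejected;  // not enough h16
            if (guard && !c) return Outcome::rejected;       // missing h16 before "."
            std::size_t k = 2 * (7 - n);  // slot the octet check would read
            return (written.test(k) && written.test(k + 1))
                ? Outcome::octet_read_ok : Outcome::unwritten_read;
        }
        if (s.compare(i, 2, "::") == 0) {
            if (b != -1) return Outcome::rejected;           // second "::"
            i += 2; --n; b = n; c = false;
            continue;
        }
        if (s[i] == ':') {
            if (!c) return Outcome::rejected;                // ":" needs an h16 before it
            ++i;
        } else if (c) {
            return Outcome::rejected;                        // expected ":" after an h16
        }
        int digits = 0;                                      // h16 = 1 to 4 hex digits
        while (i < s.size() && digits < 4 &&
               std::isxdigit(static_cast<unsigned char>(s[i]))) { ++i; ++digits; }
        if (digits == 0) return Outcome::rejected;           // expected h16
        std::size_t w = 2 * (8 - n);                         // slot this h16 fills
        written.set(w); written.set(w + 1);
        --n; c = true;
    }
    return (i == s.size() && (n == 0 || b != -1)) ? Outcome::accepted
                                                  : Outcome::rejected;
}

int main() { return parse_model("::.", true) == Outcome::rejected ? 0 : 1; }
```

With guard=false the model reports unwritten_read for "::." and "1::."; with guard=true both are rejected, while "::1.2.3.4" still reaches the octet check in either mode.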

cppalliance-bot commented May 8, 2026

An automated preview of the documentation is available at https://994.url.prtest2.cppalliance.org/index.html

If more commits are pushed to the pull request, the docs will rebuild at the same URL.

2026-05-13 04:17:14 UTC

cppalliance-bot commented May 8, 2026

GCOVR code coverage report https://994.url.prtest2.cppalliance.org/gcovr/index.html
LCOV code coverage report https://994.url.prtest2.cppalliance.org/genhtml/index.html
Coverage Diff Report https://994.url.prtest2.cppalliance.org/diff-report/index.html

Build time: 2026-05-13 04:29:37 UTC

codecov Bot commented May 12, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.12%. Comparing base (ab3c603) to head (deb1ff6).

@@           Coverage Diff            @@
##           develop     #994   +/-   ##
========================================
  Coverage    99.12%   99.12%           
========================================
  Files          155      154    -1     
  Lines        10085    10085           
========================================
  Hits          9997     9997           
  Misses          88       88           
Files with missing lines Coverage Δ
include/boost/url/rfc/impl/ipv6_address_rule.hpp 100.00% <100.00%> (ø)

... and 1 file with indirect coverage changes


Δ = absolute <relative> (impact), ø = not affected, ? = missing data

@alandefreitas alandefreitas force-pushed the develop branch 6 times, most recently from 356e2cc to 490bd36 Compare May 13, 2026 00:01
@alandefreitas alandefreitas merged commit 30b41fa into boostorg:develop May 13, 2026
51 checks passed
Successfully merging this pull request may close these issues.

Uninitialized memory access while parsing invalid ipv6 address

2 participants