From 242deca524dbf922bfb08dadd65455164b9e663e Mon Sep 17 00:00:00 2001
From: Michael Rowley <michaellrowley@protonmail.com>
Date: Tue, 8 Mar 2022 03:34:53 +0000
Subject: security: fix SSRF in repository migration (#6812)

Co-authored-by: Joe Chen <jc@unknwon.io>
---
 internal/netutil/netutil_test.go | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 internal/netutil/netutil_test.go

(limited to 'internal/netutil/netutil_test.go')

diff --git a/internal/netutil/netutil_test.go b/internal/netutil/netutil_test.go
new file mode 100644
index 00000000..47be4e74
--- /dev/null
+++ b/internal/netutil/netutil_test.go
@@ -0,0 +1,36 @@
+// Copyright 2022 The Gogs Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package netutil
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestIsLocalHostname(t *testing.T) {
+	tests := []struct {
+		hostname string
+		want     bool
+	}{
+		{hostname: "localhost", want: true},
+		{hostname: "127.0.0.1", want: true},
+		{hostname: "::1", want: true},
+		{hostname: "0:0:0:0:0:0:0:1", want: true},
+		{hostname: "fuf.me", want: true},
+		{hostname: "127.0.0.95", want: true},
+		{hostname: "0.0.0.0", want: true},
+		{hostname: "192.168.123.45", want: true},
+
+		{hostname: "gogs.io", want: false},
+		{hostname: "google.com", want: false},
+		{hostname: "165.232.140.255", want: false},
+	}
+	for _, test := range tests {
+		t.Run("", func(t *testing.T) {
+			assert.Equal(t, test.want, IsLocalHostname(test.hostname))
+		})
+	}
+}
-- 
cgit v1.2.3