`IPAddress.TryParse(ROS<byte>)` accepts invalid UTF-8

[MihaZupan]

For example:

IPAddress.Parse([.. "::A%"u8, 255]); // Does not throw

Now that IPAddress accepts parsing bytes (new in .NET 10 - #102144), we seem to also be accepting invalid UTF-8 here:

runtime/src/libraries/Common/src/System/Net/IPv6AddressHelper.Common.cs

Lines 159 to 175 in f1c94c4

	case '%':
	// An IPv6 address is separated from its scope by a '%' character. The scope
	// is terminated by the natural end of the address, the address end character (']')
	// or the start of the prefix ('/').
	while (i + 1 < end)
	{
	i++;
	if (name[i] == TChar.CreateTruncating(']'))
	{
	goto case ']';
	}
	else if (name[i] == TChar.CreateTruncating('/'))
	{
	goto case '/';
	}
	}
	break;

Not sure this is a real issue, but given that the parameters are explicitly named as utf8 (bool TryParse(ReadOnlySpan<byte> utf8Text, ...)) the user may be expecting that a parsed value is also valid UTF-8.

[dotnet-policy-service]

Tagging subscribers to this area: @dotnet/ncl
See info in area-owners.md if you want to be subscribed.

[MihaZupan]

cc: @tannergooding in case you've come across similar cases with IUtf8SpanParsable elsewhere

[tannergooding]

in case you've come across similar cases with IUtf8SpanParsable elsewhere

A quick test shows that other UTF-8 parsing APIs do fail as expected, likely because they aren't setup to just eat characters arbitrarily.

It looks like in this case IPAddress.Parse("::A%\uFFFF") similarly passes, despite \uFFFF by itself being an "invalid" UTF-16 character. The IPv6 spec simply covers

An implementation MAY support other kinds of non-null strings as <zone_id>. However, the strings must not conflict with the delimiter character. The precise format and semantics of additional strings is implementation dependent.

CC. @GrabYourPitchforks