dns icon indicating copy to clipboard operation
dns copied to clipboard

Published 20 hours ago verified publisher icon miekg

IsDomainName: check for escape as last character

Open miekg opened this issue 1 year ago • 3 comments

Keep track if the escape, if still true when returning isDomainName should return false.

TODO:

  • Should still be done in packDomainName as well.
  • And that should be tested
  • Some tests now fail

There are multiple other places that supposedly also check for this, but they are not called in the parsing.

Fixes: #1528

Signed-off-by: Miek Gieben [email protected]

miekg avatar Jan 21 '24 11:01 miekg

testing in my tree, yields:

--- FAIL: TestUpdate2NoRdataUnpack (0.00s)
    update2_test.go:72: failed to unpack RR with zero rdata: SOA: dns: overflow unpacking uint32
    update2_test.go:72: failed to unpack RR with zero rdata: TSIG: dns: overflow unpacking uint16
    update2_test.go:72: failed to unpack RR with zero rdata: TKEY: dns: overflow unpacking uint16
FAIL

miekg avatar Jan 21 '24 11:01 miekg

I've applied this to our DNS API repository which has a fairly extensive test suite, and everything looks good!

janik-cloudflare avatar Jan 23 '24 20:01 janik-cloudflare

Should still be done in packDomainName as well.

Maybe also on the lexer level so that . 1 IN TXT hello\ is also rejected? (I'd be happy to work on a PR for that, but it might take another two weeks or so.)

janik-cloudflare avatar Jan 23 '24 21:01 janik-cloudflare

yes, please do. I've merged this for now, but there is indeed some followup work to be done

miekg avatar Feb 15 '24 12:02 miekg