Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IsDomainName: check for escape as last character #1532

Merged
merged 1 commit into from
Feb 15, 2024
Merged

IsDomainName: check for escape as last character #1532

merged 1 commit into from
Feb 15, 2024

Conversation

miekg
Copy link
Owner

@miekg miekg commented Jan 21, 2024

Keep track if the escape, if still true when returning isDomainName
should return false.

TODO:

  • Should still be done in packDomainName as well.
  • And that should be tested
  • Some tests now fail

There are multiple other places that supposedly also check for this, but
they are not called in the parsing.

Fixes: #1528

Signed-off-by: Miek Gieben miek@miek.nl

@miekg
IsDomainName: check for escape as last character
04233ed 
Keep track if the escape, if still true when returning isDomainName
should return false.

TODO:
- Should still be done in packDomainName as well.
- And that should be tested
- Some tests now fail

There are multiple other places that supposedly also check for this, but
they are not called in the parsing.

Fixes: #1528

Signed-off-by: Miek Gieben <miek@miek.nl>
@miekg miekg requested a review from tmthrgd as a code owner January 21, 2024 11:11
@miekg
Copy link
Owner Author

miekg commented Jan 21, 2024

testing in my tree, yields:

--- FAIL: TestUpdate2NoRdataUnpack (0.00s)
    update2_test.go:72: failed to unpack RR with zero rdata: SOA: dns: overflow unpacking uint32
    update2_test.go:72: failed to unpack RR with zero rdata: TSIG: dns: overflow unpacking uint16
    update2_test.go:72: failed to unpack RR with zero rdata: TKEY: dns: overflow unpacking uint16
FAIL

janik-cloudflare
janik-cloudflare approved these changes Jan 23, 2024
View reviewed changes
Copy link
Contributor

@janik-cloudflare janik-cloudflare left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is awesome, thank you so much!

@janik-cloudflare
Copy link
Contributor

I've applied this to our DNS API repository which has a fairly extensive test suite, and everything looks good!

@janik-cloudflare
Copy link
Contributor

Should still be done in packDomainName as well.

Maybe also on the lexer level so that . 1 IN TXT hello\ is also rejected? (I'd be happy to work on a PR for that, but it might take another two weeks or so.)

@miekg miekg merged commit 2230854 into master Feb 15, 2024
6 checks passed
@miekg miekg deleted the escape-error branch February 15, 2024 12:36
@miekg
Copy link
Owner Author

miekg commented Feb 15, 2024

yes, please do. I've merged this for now, but there is indeed some followup work to be done

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@janik-cloudflare janik-cloudflare janik-cloudflare approved these changes

@tmthrgd tmthrgd Awaiting requested review from tmthrgd tmthrgd is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Trailing backslash results in non-FQDN targets
2 participants
@miekg @janik-cloudflare