From dda5e23439e91c6a2d9bb31a38d61da7f8948598 Mon Sep 17 00:00:00 2001 From: Peter van Dijk Date: Mon, 21 Jun 2021 12:18:04 +0200 Subject: [PATCH] SVCB: on parse error, throw instead of truncate. Fixes #10442 --- pdns/dnslabeltext.rl | 4 ++++ pdns/test-dnsrecords_cc.cc | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/pdns/dnslabeltext.rl b/pdns/dnslabeltext.rl index 3731345739..87a5799672 100644 --- a/pdns/dnslabeltext.rl +++ b/pdns/dnslabeltext.rl @@ -293,6 +293,10 @@ size_t parseSVCBValueListFromParsedRFC1035CharString(const std::string &in, std: (void) dns_text_to_value_list_en_main; %% write exec; + if ( cs < dns_text_to_value_list_first_final ) { + throw runtime_error("Unable to parse DNS SVCB value list '"+in+"'"); + } + return counter; } diff --git a/pdns/test-dnsrecords_cc.cc b/pdns/test-dnsrecords_cc.cc index 6a1224e2e1..6c66cb2312 100644 --- a/pdns/test-dnsrecords_cc.cc +++ b/pdns/test-dnsrecords_cc.cc @@ -491,6 +491,13 @@ BOOST_AUTO_TEST_CASE(test_unknown_records_in) { } } +// test that we reject invalid SVCB escaping +BOOST_AUTO_TEST_CASE(test_svcb_records_in) { + + BOOST_CHECK_THROW(auto invalidSVCB1=DNSRecordContent::mastermake(QType::SVCB, QClass::IN, R"FOO(1 . alpn=foo\\)FOO"), std::runtime_error); + +} + // special record test, because EUI are odd BOOST_AUTO_TEST_CASE(test_eui_records_in) { -- 2.47.2