[Dnsmasq-discuss] Config Parcing Bug

Simon Kelley simon at thekelleys.org.uk
Sun Jan 13 22:54:23 GMT 2019 

The error is originating in the libidn2 library. Interestingly,
compiling against libidn1, that library doesn't flag the error.

Dnsmasq passes the input domain name to libidn[2] so that it can be
translated to punycode if it contains non-ascii characters.

I guess the authors of libidn2 would consider this valid behaviour if
you reported it as a bug.

A possible solution in this case would be to use the untranslated name
(maybe with a warning) if it fails the translation  call.


Cheers,

Simon.


On 12/01/2019 00:22, Tasnad Kernetzky wrote:
> Hi all,
> 
> I wanted to report a bug (at least we belieave it is one). We had a
> short discussion over at the archlinux bugtracker
> (https://bugs.archlinux.org/task/60366).
> 
> In short:
> 
>> echo 'address=/ab--c.example.com/#' | dnsmasq --test -C -
> 
>> dnsmasq: error at line 1 of stdin
> 
> Althoug the URL is "forbidden":
> 
>> host 'ab--c.example.com'        
>> host: 'ab--c.example.com' is not a legal IDNA2008 name (string
> contains forbidden two hyphens pattern), use +noidnin
> 
> it would be nice to be able to block it. We ended up there, since the
> filter list from
> https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts started
> to include these kinds of URLs.
> 
> 
> My feeling is, that parsing the two dashes somehow fails. Interestingly,
> adding one more character before the dashes does not trigger the bug:
> 
>> echo 'address=/abb--c.example.com/#' | dnsmasq --test -C -
> 
>> dnsmasq: syntax check OK.
> 
> 
> Escaping (ab\-\-c.example.com) allows dnsmasq to start, but renders the
> line ineffective.
> 
> 
> Do you know about this and is it intended behaviour?
> 
> 
> Regards,
> 
> Tasnad
> 
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20190113/76df42a6/attachment.sig>

More information about the Dnsmasq-discuss mailing list