From 2f73fe7a0db269dcbe51e372809032fa52b8c68c Mon Sep 17 00:00:00 2001 From: Dan Peterson Date: Wed, 13 Jul 2016 10:35:35 -0600 Subject: [PATCH] net: use libresolv rules for ndots range and validation BIND libresolv allows values from 0 to 15. For invalid values and negative numbers, 0 is used. For numbers greater than 15, 15 is used. Fixes #15419 Change-Id: I1009bc119c3e87919bcb55a80a35532e9fc3ba52 Reviewed-on: https://go-review.googlesource.com/24901 Reviewed-by: Matthew Dempsky Run-TryBot: Matthew Dempsky TryBot-Result: Gobot Gobot --- src/net/dnsconfig_unix.go | 6 +++-- src/net/dnsconfig_unix_test.go | 30 +++++++++++++++++++++ src/net/testdata/invalid-ndots-resolv.conf | 1 + src/net/testdata/large-ndots-resolv.conf | 1 + src/net/testdata/negative-ndots-resolv.conf | 1 + 5 files changed, 37 insertions(+), 2 deletions(-) create mode 100644 src/net/testdata/invalid-ndots-resolv.conf create mode 100644 src/net/testdata/large-ndots-resolv.conf create mode 100644 src/net/testdata/negative-ndots-resolv.conf diff --git a/src/net/dnsconfig_unix.go b/src/net/dnsconfig_unix.go index b8858137225..683ae71812a 100644 --- a/src/net/dnsconfig_unix.go +++ b/src/net/dnsconfig_unix.go @@ -92,8 +92,10 @@ func dnsReadConfig(filename string) *dnsConfig { switch { case hasPrefix(s, "ndots:"): n, _, _ := dtoi(s[6:]) - if n < 1 { - n = 1 + if n < 0 { + n = 0 + } else if n > 15 { + n = 15 } conf.ndots = n case hasPrefix(s, "timeout:"): diff --git a/src/net/dnsconfig_unix_test.go b/src/net/dnsconfig_unix_test.go index 9fd6dbf982a..89695c30993 100644 --- a/src/net/dnsconfig_unix_test.go +++ b/src/net/dnsconfig_unix_test.go @@ -60,6 +60,36 @@ var dnsReadConfigTests = []struct { search: []string{"domain.local."}, }, }, + { + name: "testdata/invalid-ndots-resolv.conf", + want: &dnsConfig{ + servers: defaultNS, + ndots: 0, + timeout: 5 * time.Second, + attempts: 2, + search: []string{"domain.local."}, + }, + }, + { + name: "testdata/large-ndots-resolv.conf", + want: &dnsConfig{ + servers: defaultNS, + ndots: 15, + timeout: 5 * time.Second, + attempts: 2, + search: []string{"domain.local."}, + }, + }, + { + name: "testdata/negative-ndots-resolv.conf", + want: &dnsConfig{ + servers: defaultNS, + ndots: 0, + timeout: 5 * time.Second, + attempts: 2, + search: []string{"domain.local."}, + }, + }, { name: "testdata/openbsd-resolv.conf", want: &dnsConfig{ diff --git a/src/net/testdata/invalid-ndots-resolv.conf b/src/net/testdata/invalid-ndots-resolv.conf new file mode 100644 index 00000000000..084c1643dea --- /dev/null +++ b/src/net/testdata/invalid-ndots-resolv.conf @@ -0,0 +1 @@ +options ndots:invalid \ No newline at end of file diff --git a/src/net/testdata/large-ndots-resolv.conf b/src/net/testdata/large-ndots-resolv.conf new file mode 100644 index 00000000000..72968eee916 --- /dev/null +++ b/src/net/testdata/large-ndots-resolv.conf @@ -0,0 +1 @@ +options ndots:16 \ No newline at end of file diff --git a/src/net/testdata/negative-ndots-resolv.conf b/src/net/testdata/negative-ndots-resolv.conf new file mode 100644 index 00000000000..c11e0cc4033 --- /dev/null +++ b/src/net/testdata/negative-ndots-resolv.conf @@ -0,0 +1 @@ +options ndots:-1 \ No newline at end of file