github.com/nodejs/node.git
author: bradh352 <brad@brad-house.com> 2022-03-02 23:31:35 +0300
committer: Benjamin Gruenbaum <benjamingr@gmail.com> 2022-03-13 10:37:33 +0300
commit: d645315546baaf3a142c6217cb6ad4cd3f35d00c
tree: ad178c33333fe2f3f6456f96c3fcce93fc476a32 /deps
parent: 66db1169d7c9cee01e53217b6f4378df91151d96
deps: cares: cherry-pick b5a3d96
Original commit message:

    Asterisks should be allowed in host validation as CNAMEs may reference wildcard domains

    CloudFlare appears to use this logic in CNAMEs as per
    https://github.com/nodejs/node/issues/42171

    Fixes: https://github.com/c-ares/c-ares/issues/457
    Fix By: Brad House (@bradh352)

PR-URL: https://github.com/nodejs/node/pull/42216
Fixes: https://github.com/nodejs/node/issues/42171
Fixes: https://github.com/nodejs/node/issues/457
Refs: https://github.com/c-ares/c-ares/issues/457
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Diffstat (limited to 'deps')
-rw-r--r-- deps/cares/src/lib/ares_expand_name.c 6
1 files changed, 4 insertions, 2 deletions
diff --git a/deps/cares/src/lib/ares_expand_name.c b/deps/cares/src/lib/ares_expand_name.c
index fcd88a2a42e..6c7a35a715b 100644
--- a/deps/cares/src/lib/ares_expand_name.c
+++ b/deps/cares/src/lib/ares_expand_name.c
@@ -64,6 +64,8 @@ static int ares__isprint(int ch)
* - underscores which are used in SRV records.
* - Forward slashes such as are used for classless in-addr.arpa
* delegation (CNAMEs)
+ * - Asterisks may be used for wildcard domains in CNAMEs as seen in the
+ * real world.
* While RFC 2181 section 11 does state not to do validation,
* that applies to servers, not clients. Vulnerabilities have been
* reported when this validation is not performed. Security is more
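Review bot: the new comment entry ("Asterisks may be used for wildcard domains in CNAMEs as seen in the real world") does not say where in a name an asterisk is expected and gives no reference for the behaviour. This comment block is the rationale for a security allow-list (it notes that vulnerabilities have been reported when validation is skipped), so state the intended form, for example an asterisk as a complete label, and cite the report that motivated the exception (the commit message points to c-ares issue 457) so a later reader can judge whether it is still needed.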
@@ -71,7 +73,7 @@ static int ares__isprint(int ch)
* anyhow). */
static int is_hostnamech(int ch)
{
- /* [A-Za-z0-9-._/]
+ /* [A-Za-z0-9-*._/]
* Don't use isalnum() as it is locale-specific
*/
if (ch >= 'A' && ch <= 'Z')
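Review bot: in the updated character-class comment, "9-*" reads as a range inside the brackets, so the literal hyphen and the new asterisk are easy to misread. Put the literal hyphen last, as in [A-Za-z0-9*._/-], so the comment plainly matches the set of characters the code below accepts and cannot be copied into a pattern incorrectly.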
@@ -80,7 +82,7 @@ static int is_hostnamech(int ch)
return 1;
if (ch >= '0' && ch <= '9')
return 1;
- if (ch == '-' || ch == '.' || ch == '_' || ch == '/')
+ if (ch == '-' || ch == '.' || ch == '_' || ch == '/' || ch == '*')
return 1;
return 0;
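Review bot: the added "ch == '*'" test is per character, so is_hostnamech() now accepts an asterisk at any position and any number of times in whatever name is checked through it, not only as a wildcard label in a CNAME target as the comment above describes. If the wider acceptance is intended, say so in the comment; otherwise enforce the position in the caller, which has the whole name. The diffstat shows only ares_expand_name.c changing under deps, so a regression case for a name containing '*' is worth adding where the tests for this function live, and it is worth documenting that code passing resolved names on to glob or pattern-matching contexts must treat '*' as untrusted input.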