diff options
author | Jamie Davis <davisjam@vt.edu> | 2018-04-30 21:27:18 -0400 |
---|---|---|
committer | Rich Trott <rtrott@gmail.com> | 2018-06-08 21:35:32 -0700 |
commit | 872c331a930df3e44e8f5db5a90a0383e8d0491b (patch) | |
tree | d0800a6f2ebb433f45d7060f9bed58ec28589d19 /test/parallel/test-dns.js | |
parent | 8551d311bcbf6c5ebdd544c1409001eb5ba8e26b (diff) | |
download | android-node-v8-872c331a930df3e44e8f5db5a90a0383e8d0491b.tar.gz android-node-v8-872c331a930df3e44e8f5db5a90a0383e8d0491b.tar.bz2 android-node-v8-872c331a930df3e44e8f5db5a90a0383e8d0491b.zip |
dns: improve setServers() errors and performance
Issue 1: make invalid setServers yield uniform error
Behavior:
dns.setServers throws a null pointer dereference on some inputs.
Expected behavior was the more pleasant
TypeError [ERR_INVALID_IP_ADDRESS] ...
Root cause(s?):
- Dereferencing the result of a regex match without confirming
that there was a match.
- assuming the capture of an optional group (?)
Solution:
Confirm the match, and handle a missing port cleanly.
Tests: I added tests for various unusual inputs.
Issue 2: revise quadratic regex in setServers
Problem:
The IPv6 regex was quadratic.
On long malicious input the event loop could block.
The security team did not deem it a security risk,
but said a PR was welcome.
Solution:
Revise the regex to a linear-complexity version.
Tests:
I added REDOS tests to the "oddities" section.
Fixes: https://github.com/nodejs/node/issues/20441
Fixes: https://github.com/nodejs/node/issues/20443
PR-URL: https://github.com/nodejs/node/pull/20445
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'test/parallel/test-dns.js')
-rw-r--r-- | test/parallel/test-dns.js | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/test/parallel/test-dns.js b/test/parallel/test-dns.js index fb648544b9..f50b9464f1 100644 --- a/test/parallel/test-dns.js +++ b/test/parallel/test-dns.js @@ -62,6 +62,31 @@ assert(existing.length > 0); ]); } +{ + // Various invalidities, all of which should throw a clean error. + const invalidServers = [ + ' ', + '\n', + '\0', + '1'.repeat(3 * 4), + // Check for REDOS issues. + ':'.repeat(100000), + '['.repeat(100000), + '['.repeat(100000) + ']'.repeat(100000) + 'a' + ]; + invalidServers.forEach((serv) => { + assert.throws( + () => { + dns.setServers([serv]); + }, + { + name: 'TypeError [ERR_INVALID_IP_ADDRESS]', + code: 'ERR_INVALID_IP_ADDRESS' + } + ); + }); +} + const goog = [ '8.8.8.8', '8.8.4.4', |