Limit $GENERATE range to 65535 steps (#1020)

* Limit $GENERATE range to 65535 steps Having these checks means all test in TestCrasherString() are not reached because we bail out earlier - removed that test all together. Fixes #1019 Signed-off-by: Miek Gieben <[email protected]> * bring back testcase Signed-off-by: Miek Gieben <[email protected]> * bring back crash test Signed-off-by: Miek Gieben <[email protected]>
miekg · Oct 3, 2019 · 76b57d0 · 76b57d0
1 parent 5578703
commit 76b57d0
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 14 deletions.
diff --git a/generate.go b/generate.go
@@ -49,14 +49,14 @@ func (zp *ZoneParser) generate(l lex) (RR, bool) {
 	if err != nil {
 		return zp.setParseError("bad stop in $GENERATE range", l)
 	}
-	if end < 0 || start < 0 || end < start {
+	if end < 0 || start < 0 || end < start || (end-start)/step > 65535 {
 		return zp.setParseError("bad range in $GENERATE range", l)
 	}
 
 	// _BLANK
 	l, ok := zp.c.Next()
 	if !ok || l.value != zBlank {
-			return zp.setParseError("garbage after $GENERATE range", l)
+		return zp.setParseError("garbage after $GENERATE range", l)
 	}
 
 	// Create a complete new string, which we then parse again.

diff --git a/generate_test.go b/generate_test.go
@@ -205,16 +205,14 @@ $GENERATE 32-158 dhcp-${-32,4,d} A 10.0.0.$
 	}
 }
 
-
-
 func TestCrasherString(t *testing.T) {
-	tests := []struct{
-	in  string
-	err string
-}{
-		{"$GENERATE 0-300103\"$$GENERATE 2-2", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:19"},
-		{"$GENERATE 0-5414137360", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:22"},
-		{"$GENERATE       11522-3668518066406258", "dns: garbage after $GENERATE range: \"\\n\" at line: 1:38"},
+	tests := []struct {
+		in  string
+		err string
+	}{
+		{"$GENERATE 0-300103\"$$GENERATE 2-2", "bad range in $GENERATE"},
+		{"$GENERATE 0-5414137360", "bad range in $GENERATE"},
+		{"$GENERATE       11522-3668518066406258", "bad range in $GENERATE"},
 		{"$GENERATE 0-200\"(;00000000000000\n$$GENERATE 0-0", "dns: garbage after $GENERATE range: \"\\\"\" at line: 1:16"},
 	}
 	for _, tc := range tests {
@@ -223,7 +221,7 @@ func TestCrasherString(t *testing.T) {
 			if err == nil {
 				t.Errorf("Expecting error for crasher line %s", tc.in)
 			}
-			if tc.err != err.Error() {
+			if !strings.Contains(err.Error(), tc.err) {
 				t.Errorf("Expecting error %s, got %s", tc.err, err.Error())
 			}
 		})

diff --git a/scan.go b/scan.go
@@ -134,7 +134,7 @@ func ReadRR(r io.Reader, file string) (RR, error) {
 }
 
 // ParseZone reads a RFC 1035 style zonefile from r. It returns
-// *Tokens on the returned channel, each consisting of either a
+// Tokens on the returned channel, each consisting of either a
 // parsed RR and optional comment or a nil RR and an error. The
 // channel is closed by ParseZone when the end of r is reached.
 //
@@ -143,7 +143,8 @@ func ReadRR(r io.Reader, file string) (RR, error) {
 // origin, as if the file would start with an $ORIGIN directive.
 //
 // The directives $INCLUDE, $ORIGIN, $TTL and $GENERATE are all
-// supported.
+// supported. Note that $GENERATE's range support up to a maximum of
+// of 65535 steps.
 //
 // Basic usage pattern when reading from a string (z) containing the
 // zone data:
@@ -203,6 +204,7 @@ func parseZone(r io.Reader, origin, file string, t chan *Token) {
 //
 // The directives $INCLUDE, $ORIGIN, $TTL and $GENERATE are all
 // supported. Although $INCLUDE is disabled by default.
+// Note that $GENERATE's range support up to a maximum of 65535 steps.
 //
 // Basic usage pattern when reading from a string (z) containing the
 // zone data: