The error is originating in the libidn2 library. Interestingly, compiling against libidn1, that library doesn't flag the error.
Dnsmasq passes the input domain name to libidn[2] so that it can be translated to punycode if it contains non-ascii characters. I guess the authors of libidn2 would consider this valid behaviour if you reported it as a bug. A possible solution in this case would be to use the untranslated name (maybe with a warning) if it fails the translation call. Cheers, Simon. On 12/01/2019 00:22, Tasnad Kernetzky wrote: > Hi all, > > I wanted to report a bug (at least we belieave it is one). We had a > short discussion over at the archlinux bugtracker > (https://bugs.archlinux.org/task/60366). > > In short: > >> echo 'address=/ab--c.example.com/#' | dnsmasq --test -C - > >> dnsmasq: error at line 1 of stdin > > Althoug the URL is "forbidden": > >> host 'ab--c.example.com' >> host: 'ab--c.example.com' is not a legal IDNA2008 name (string > contains forbidden two hyphens pattern), use +noidnin > > it would be nice to be able to block it. We ended up there, since the > filter list from > https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts started > to include these kinds of URLs. > > > My feeling is, that parsing the two dashes somehow fails. Interestingly, > adding one more character before the dashes does not trigger the bug: > >> echo 'address=/abb--c.example.com/#' | dnsmasq --test -C - > >> dnsmasq: syntax check OK. > > > Escaping (ab\-\-c.example.com) allows dnsmasq to start, but renders the > line ineffective. > > > Do you know about this and is it intended behaviour? > > > Regards, > > Tasnad > > > > _______________________________________________ > Dnsmasq-discuss mailing list > [email protected] > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss >
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Dnsmasq-discuss mailing list [email protected] http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
