From dbb7c8e6fd757db51226a47a2e14f4fd1aaf60c3 Mon Sep 17 00:00:00 2001 From: rl1987 Date: Sat, 17 Feb 2018 21:49:02 +0100 Subject: Validate hostnames with punycode TLDs correctly --- src/common/util.c | 17 +++++++++++++---- src/test/test_util.c | 4 ++++ 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/src/common/util.c b/src/common/util.c index 096188cfcf..a55f7a3cd5 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1119,7 +1119,8 @@ string_is_valid_hostname(const char *string) /* Allow a single terminating '.' used rarely to indicate domains * are FQDNs rather than relative. */ - last_label = (char *)smartlist_get(components, smartlist_len(components) - 1); + last_label = (char *)smartlist_get(components, + smartlist_len(components) - 1); has_trailing_dot = (last_label[0] == '\0'); if (has_trailing_dot) { smartlist_pop_last(components); @@ -1133,12 +1134,20 @@ string_is_valid_hostname(const char *string) break; } - if (c_sl_idx == c_sl_len - 1) { + if (c_sl_idx == c_sl_len - 1) { // TLD validation. + int is_punycode = (strlen(c) > 4 && + (c[0] == 'X' || c[0] == 'x') && + (c[1] == 'N' || c[1] == 'n') && + c[2] == '-' && c[3] == '-'); + + if (is_punycode) + c += 4; + do { - result = TOR_ISALPHA(*c); + result = is_punycode ? TOR_ISALNUM(*c) : TOR_ISALPHA(*c); c++; } while (result && *c); - } else { + } else { // Regular hostname label validation. do { result = (TOR_ISALNUM(*c) || (*c == '-') || (*c == '_')); c++; diff --git a/src/test/test_util.c b/src/test/test_util.c index db2ea1a348..ef1f420fe3 100644 --- a/src/test/test_util.c +++ b/src/test/test_util.c @@ -5595,6 +5595,10 @@ test_util_hostname_validation(void *arg) tt_assert(!string_is_valid_hostname("luck.y13")); tt_assert(!string_is_valid_hostname("luck.y13.")); + // We allow punycode TLDs. For examples, see + // http://data.iana.org/TLD/tlds-alpha-by-domain.txt + tt_assert(string_is_valid_hostname("example.xn--l1acc")); + done: return; } -- cgit v1.2.3-54-g00ecf