dns/scan.go

1369 lines
29 KiB
Go
Raw Permalink Normal View History

2011-12-14 08:26:31 +00:00
package dns
2011-12-14 08:00:39 +00:00
import (
Eliminate lexer goroutines (#792) * Eliminate zlexer goroutine This replaces the zlexer goroutine and channels with a zlexer struct that maintains state and provides a channel-like API. * Eliminate klexer goroutine This replaces the klexer goroutine and channels with a klexer struct that maintains state and provides a channel-like API. * Merge scan into zlexer and klexer This does result in tokenText existing twice, but it's pretty simple and small so it's not that bad. * Avoid using text/scanner.Position to track position * Track escape within zlexer.Next * Avoid zl.commt check on space and tab in zlexer * Track stri within zlexer.Next * Track comi within zlexer.Next There is one special case at the start of a comment that needs to be handled, otherwise this is as simple as stri was. * Use a single token buffer in zlexer This is safe as there is never both a non-empty string buffer and a non-empty comment buffer. * Don't hardcode length of zl.tok in zlexer * Eliminate lex.length field This is always set to len(l.token) and is only queried in a few places. It was added in 47cc5b052df9b4e5d5a9900cfdd622607de10a6d without any obvious need. * Add whitespace to klexer.Next * Track lex within klexer.Next * Use a strings.Builder in klexer.Next * Simplify : case in klexer.Next * Add whitespace to zlexer.Next * Change for loop style in zlexer.Next and klexer.Next * Surface read errors in zlexer * Surface read errors from klexer * Remove debug line from parseKey * Rename tokenText to readByte * Make readByte return ok bool Also change the for loop style to match the Next for loops. * Make readByte errors sticky klexer.Next calls readByte separately from within the loop. Without readByte being sticky, an error that occurs during that readByte call may be lost. * Panic in testRR if the error is non-nil * Add whitespace and unify field setting in zlexer.Next * Remove eof fields from zlexer and klexer With readByte having sticky errors, this no longer needed. zl.eof = true was also in the wrong place and could mask an unbalanced brace error. * Merge zl.tok blocks in zlexer.Next * Split the tok buffer into separate string and comment buffers The invariant of stri > 0 && comi > 0 never being true was broken when x == '\n' && !zl.quote && zl.commt && zl.brace != 0 (the "If not in a brace this ends the comment AND the RR" block). Split the buffer back out into two separate buffers to avoid clobbering. * Replace token slices with arrays in zlexer * Add a NewRR benchmark * Move token buffers into zlexer.Next These don't need to be retained across Next calls and can be stack allocated inside Next. This drastically reduces memory consumption as they accounted for nearly half of all the memory used. name old alloc/op new alloc/op delta NewRR-12 9.72kB ± 0% 4.98kB ± 0% -48.72% (p=0.000 n=10+10) * Add a ReadRR benchmark Unlike NewRR, this will use an io.Reader that does not implement any methods aside from Read. In particular it does not implement io.ByteReader. * Avoid using a bufio.Reader for io.ByteReader readers At the same time use a smaller buffer size of 1KiB rather than the bufio.NewReader default of 4KiB. name old time/op new time/op delta NewRR-12 11.0µs ± 3% 9.5µs ± 2% -13.77% (p=0.000 n=9+10) ReadRR-12 11.2µs ±16% 9.8µs ± 1% -13.03% (p=0.000 n=10+10) name old alloc/op new alloc/op delta NewRR-12 4.98kB ± 0% 0.81kB ± 0% -83.79% (p=0.000 n=10+10) ReadRR-12 4.87kB ± 0% 1.82kB ± 0% -62.73% (p=0.000 n=10+10) name old allocs/op new allocs/op delta NewRR-12 19.0 ± 0% 17.0 ± 0% -10.53% (p=0.000 n=10+10) ReadRR-12 19.0 ± 0% 19.0 ± 0% ~ (all equal) ReadRR-12 11.2µs ±16% 9.8µs ± 1% -13.03% (p=0.000 n=10+10) * Surface any remaining comment from zlexer.Next * Improve comment handling in zlexer.Next This both fixes a regression where comments could be lost under certain circumstances and now emits comments that occur within braces. * Remove outdated comment from zlexer.Next and klexer.Next * Delay converting LF to space in braced comment * Fixup TestParseZoneComments * Remove tokenUpper field from lex Not computing this for every token, and instead only when needed is a substantial performance improvement. name old time/op new time/op delta NewRR-12 9.56µs ± 0% 6.30µs ± 1% -34.08% (p=0.000 n=9+10) ReadRR-12 9.93µs ± 1% 6.67µs ± 1% -32.77% (p=0.000 n=10+10) name old alloc/op new alloc/op delta NewRR-12 824B ± 0% 808B ± 0% -1.94% (p=0.000 n=10+10) ReadRR-12 1.83kB ± 0% 1.82kB ± 0% -0.87% (p=0.000 n=10+10) name old allocs/op new allocs/op delta NewRR-12 17.0 ± 0% 17.0 ± 0% ~ (all equal) ReadRR-12 19.0 ± 0% 19.0 ± 0% ~ (all equal) * Update ParseZone documentation to match comment changes The zlexer code was changed to return comments more often, so update the ParseZone documentation to match.
2018-10-15 07:12:31 +00:00
"bufio"
"fmt"
2011-12-14 08:26:31 +00:00
"io"
"os"
"path/filepath"
2011-12-14 08:00:39 +00:00
"strconv"
"strings"
)
const maxTok = 2048 // Largest token we can return.
2011-12-16 09:30:42 +00:00
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
// The maximum depth of $INCLUDE directives supported by the
// ZoneParser API.
const maxIncludeDepth = 7
2011-12-14 08:00:39 +00:00
// Tokinize a RFC 1035 zone file. The tokenizer will normalize it:
2011-12-15 11:27:05 +00:00
// * Add ownernames if they are left blank;
2011-12-14 08:00:39 +00:00
// * Suppress sequences of spaces;
// * Make each RR fit on one line (_NEWLINE is send as last)
2011-12-14 08:00:39 +00:00
// * Handle comments: ;
// * Handle braces - anywhere.
2011-12-14 08:00:39 +00:00
const (
2011-12-15 21:40:07 +00:00
// Zonefile
2015-02-19 10:45:59 +00:00
zEOF = iota
zString
zBlank
zQuote
zNewline
zRrtpe
zOwner
zClass
zDirOrigin // $ORIGIN
zDirTTL // $TTL
2015-02-19 10:45:59 +00:00
zDirInclude // $INCLUDE
zDirGenerate // $GENERATE
2011-12-14 08:00:39 +00:00
2011-12-15 21:40:07 +00:00
// Privatekey file
2015-02-19 10:45:59 +00:00
zValue
zKey
2015-02-19 10:59:15 +00:00
zExpectOwnerDir // Ownername
zExpectOwnerBl // Whitespace after the ownername
zExpectAny // Expect rrtype, ttl or class
zExpectAnyNoClass // Expect rrtype or ttl
zExpectAnyNoClassBl // The whitespace after _EXPECT_ANY_NOCLASS
zExpectAnyNoTTL // Expect rrtype or class
zExpectAnyNoTTLBl // Whitespace after _EXPECT_ANY_NOTTL
2015-02-19 10:59:15 +00:00
zExpectRrtype // Expect rrtype
zExpectRrtypeBl // Whitespace BEFORE rrtype
zExpectRdata // The first element of the rdata
zExpectDirTTLBl // Space after directive $TTL
zExpectDirTTL // Directive $TTL
2015-02-19 10:59:15 +00:00
zExpectDirOriginBl // Space after directive $ORIGIN
zExpectDirOrigin // Directive $ORIGIN
zExpectDirIncludeBl // Space after directive $INCLUDE
zExpectDirInclude // Directive $INCLUDE
zExpectDirGenerate // Directive $GENERATE
zExpectDirGenerateBl // Space after directive $GENERATE
2011-12-14 08:00:39 +00:00
)
2012-05-08 12:17:17 +00:00
// ParseError is a parsing error. It contains the parse error and the location in the io.Reader
2016-01-04 03:16:50 +00:00
// where the error occurred.
type ParseError struct {
file string
err string
lex lex
}
func (e *ParseError) Error() (s string) {
if e.file != "" {
s = e.file + ": "
}
2012-03-03 16:40:30 +00:00
s += "dns: " + e.err + ": " + strconv.QuoteToASCII(e.lex.token) + " at line: " +
strconv.Itoa(e.lex.line) + ":" + strconv.Itoa(e.lex.column)
return
}
2011-12-16 18:34:30 +00:00
type lex struct {
token string // text of the token
err bool // when true, token text has lexer error
value uint8 // value: zString, _BLANK, etc.
torc uint16 // type or class as parsed in the lexer, we only need to look this up in the grammar
line int // line in the file
column int // column in the file
2011-12-14 08:00:39 +00:00
}
// ttlState describes the state necessary to fill in an omitted RR TTL
type ttlState struct {
ttl uint32 // ttl is the current default TTL
isByDirective bool // isByDirective indicates whether ttl was set by a $TTL directive
}
// NewRR reads the RR contained in the string s. Only the first RR is returned.
// If s contains no records, NewRR will return nil with no error.
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
//
// The class defaults to IN and TTL defaults to 3600. The full zone file syntax
// like $TTL, $ORIGIN, etc. is supported. All fields of the returned RR are
// set, except RR.Header().Rdlength which is set to 0.
func NewRR(s string) (RR, error) {
if len(s) > 0 && s[len(s)-1] != '\n' { // We need a closing newline
return ReadRR(strings.NewReader(s+"\n"), "")
}
return ReadRR(strings.NewReader(s), "")
2012-01-22 19:20:30 +00:00
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
// ReadRR reads the RR contained in r.
//
// The string file is used in error reporting and to resolve relative
// $INCLUDE directives.
//
// See NewRR for more documentation.
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
func ReadRR(r io.Reader, file string) (RR, error) {
zp := NewZoneParser(r, ".", file)
zp.SetDefaultTTL(defaultTtl)
zp.SetIncludeAllowed(true)
rr, _ := zp.Next()
return rr, zp.Err()
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
// ZoneParser is a parser for an RFC 1035 style zonefile.
//
// Each parsed RR in the zone is returned sequentially from Next. An
// optional comment can be retrieved with Comment.
//
// The directives $INCLUDE, $ORIGIN, $TTL and $GENERATE are all
// supported. Although $INCLUDE is disabled by default.
// Note that $GENERATE's range support up to a maximum of 65535 steps.
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
//
// Basic usage pattern when reading from a string (z) containing the
// zone data:
//
// zp := NewZoneParser(strings.NewReader(z), "", "")
//
// for rr, ok := zp.Next(); ok; rr, ok = zp.Next() {
// // Do something with rr
// }
//
// if err := zp.Err(); err != nil {
// // log.Println(err)
// }
//
// Comments specified after an RR (and on the same line!) are
// returned too:
//
// foo. IN A 10.0.0.1 ; this is a comment
//
// The text "; this is comment" is returned from Comment. Comments inside
// the RR are returned concatenated along with the RR. Comments on a line
// by themselves are discarded.
//
// Callers should not assume all returned data in an Resource Record is
// syntactically correct, e.g. illegal base64 in RRSIGs will be returned as-is.
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
type ZoneParser struct {
c *zlexer
Eliminate lexer goroutines (#792) * Eliminate zlexer goroutine This replaces the zlexer goroutine and channels with a zlexer struct that maintains state and provides a channel-like API. * Eliminate klexer goroutine This replaces the klexer goroutine and channels with a klexer struct that maintains state and provides a channel-like API. * Merge scan into zlexer and klexer This does result in tokenText existing twice, but it's pretty simple and small so it's not that bad. * Avoid using text/scanner.Position to track position * Track escape within zlexer.Next * Avoid zl.commt check on space and tab in zlexer * Track stri within zlexer.Next * Track comi within zlexer.Next There is one special case at the start of a comment that needs to be handled, otherwise this is as simple as stri was. * Use a single token buffer in zlexer This is safe as there is never both a non-empty string buffer and a non-empty comment buffer. * Don't hardcode length of zl.tok in zlexer * Eliminate lex.length field This is always set to len(l.token) and is only queried in a few places. It was added in 47cc5b052df9b4e5d5a9900cfdd622607de10a6d without any obvious need. * Add whitespace to klexer.Next * Track lex within klexer.Next * Use a strings.Builder in klexer.Next * Simplify : case in klexer.Next * Add whitespace to zlexer.Next * Change for loop style in zlexer.Next and klexer.Next * Surface read errors in zlexer * Surface read errors from klexer * Remove debug line from parseKey * Rename tokenText to readByte * Make readByte return ok bool Also change the for loop style to match the Next for loops. * Make readByte errors sticky klexer.Next calls readByte separately from within the loop. Without readByte being sticky, an error that occurs during that readByte call may be lost. * Panic in testRR if the error is non-nil * Add whitespace and unify field setting in zlexer.Next * Remove eof fields from zlexer and klexer With readByte having sticky errors, this no longer needed. zl.eof = true was also in the wrong place and could mask an unbalanced brace error. * Merge zl.tok blocks in zlexer.Next * Split the tok buffer into separate string and comment buffers The invariant of stri > 0 && comi > 0 never being true was broken when x == '\n' && !zl.quote && zl.commt && zl.brace != 0 (the "If not in a brace this ends the comment AND the RR" block). Split the buffer back out into two separate buffers to avoid clobbering. * Replace token slices with arrays in zlexer * Add a NewRR benchmark * Move token buffers into zlexer.Next These don't need to be retained across Next calls and can be stack allocated inside Next. This drastically reduces memory consumption as they accounted for nearly half of all the memory used. name old alloc/op new alloc/op delta NewRR-12 9.72kB ± 0% 4.98kB ± 0% -48.72% (p=0.000 n=10+10) * Add a ReadRR benchmark Unlike NewRR, this will use an io.Reader that does not implement any methods aside from Read. In particular it does not implement io.ByteReader. * Avoid using a bufio.Reader for io.ByteReader readers At the same time use a smaller buffer size of 1KiB rather than the bufio.NewReader default of 4KiB. name old time/op new time/op delta NewRR-12 11.0µs ± 3% 9.5µs ± 2% -13.77% (p=0.000 n=9+10) ReadRR-12 11.2µs ±16% 9.8µs ± 1% -13.03% (p=0.000 n=10+10) name old alloc/op new alloc/op delta NewRR-12 4.98kB ± 0% 0.81kB ± 0% -83.79% (p=0.000 n=10+10) ReadRR-12 4.87kB ± 0% 1.82kB ± 0% -62.73% (p=0.000 n=10+10) name old allocs/op new allocs/op delta NewRR-12 19.0 ± 0% 17.0 ± 0% -10.53% (p=0.000 n=10+10) ReadRR-12 19.0 ± 0% 19.0 ± 0% ~ (all equal) ReadRR-12 11.2µs ±16% 9.8µs ± 1% -13.03% (p=0.000 n=10+10) * Surface any remaining comment from zlexer.Next * Improve comment handling in zlexer.Next This both fixes a regression where comments could be lost under certain circumstances and now emits comments that occur within braces. * Remove outdated comment from zlexer.Next and klexer.Next * Delay converting LF to space in braced comment * Fixup TestParseZoneComments * Remove tokenUpper field from lex Not computing this for every token, and instead only when needed is a substantial performance improvement. name old time/op new time/op delta NewRR-12 9.56µs ± 0% 6.30µs ± 1% -34.08% (p=0.000 n=9+10) ReadRR-12 9.93µs ± 1% 6.67µs ± 1% -32.77% (p=0.000 n=10+10) name old alloc/op new alloc/op delta NewRR-12 824B ± 0% 808B ± 0% -1.94% (p=0.000 n=10+10) ReadRR-12 1.83kB ± 0% 1.82kB ± 0% -0.87% (p=0.000 n=10+10) name old allocs/op new allocs/op delta NewRR-12 17.0 ± 0% 17.0 ± 0% ~ (all equal) ReadRR-12 19.0 ± 0% 19.0 ± 0% ~ (all equal) * Update ParseZone documentation to match comment changes The zlexer code was changed to return comments more often, so update the ParseZone documentation to match.
2018-10-15 07:12:31 +00:00
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
parseErr *ParseError
origin string
file string
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
defttl *ttlState
h RR_Header
// sub is used to parse $INCLUDE files and $GENERATE directives.
// Next, by calling subNext, forwards the resulting RRs from this
// sub parser to the calling code.
sub *ZoneParser
osFile *os.File
includeDepth uint8
includeAllowed bool
generateDisallowed bool
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
}
// NewZoneParser returns an RFC 1035 style zonefile parser that reads
// from r.
//
// The string file is used in error reporting and to resolve relative
// $INCLUDE directives. The string origin is used as the initial
// origin, as if the file would start with an $ORIGIN directive.
func NewZoneParser(r io.Reader, origin, file string) *ZoneParser {
var pe *ParseError
if origin != "" {
origin = Fqdn(origin)
if _, ok := IsDomainName(origin); !ok {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
pe = &ParseError{file, "bad initial origin name", lex{}}
}
}
2012-07-16 17:46:16 +00:00
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return &ZoneParser{
c: newZLexer(r),
parseErr: pe,
origin: origin,
file: file,
}
}
// SetDefaultTTL sets the parsers default TTL to ttl.
func (zp *ZoneParser) SetDefaultTTL(ttl uint32) {
zp.defttl = &ttlState{ttl, false}
}
// SetIncludeAllowed controls whether $INCLUDE directives are
// allowed. $INCLUDE directives are not supported by default.
//
// The $INCLUDE directive will open and read from a user controlled
// file on the system. Even if the file is not a valid zonefile, the
// contents of the file may be revealed in error messages, such as:
//
// /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31
// /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125
func (zp *ZoneParser) SetIncludeAllowed(v bool) {
zp.includeAllowed = v
}
// Err returns the first non-EOF error that was encountered by the
// ZoneParser.
func (zp *ZoneParser) Err() error {
if zp.parseErr != nil {
return zp.parseErr
}
if zp.sub != nil {
if err := zp.sub.Err(); err != nil {
return err
}
}
return zp.c.Err()
}
func (zp *ZoneParser) setParseError(err string, l lex) (RR, bool) {
zp.parseErr = &ParseError{zp.file, err, l}
return nil, false
}
// Comment returns an optional text comment that occurred alongside
// the RR.
func (zp *ZoneParser) Comment() string {
if zp.parseErr != nil {
return ""
}
if zp.sub != nil {
return zp.sub.Comment()
}
return zp.c.Comment()
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
}
func (zp *ZoneParser) subNext() (RR, bool) {
if rr, ok := zp.sub.Next(); ok {
return rr, true
}
if zp.sub.osFile != nil {
zp.sub.osFile.Close()
zp.sub.osFile = nil
}
if zp.sub.Err() != nil {
// We have errors to surface.
return nil, false
}
zp.sub = nil
return zp.Next()
}
// Next advances the parser to the next RR in the zonefile and
// returns the (RR, true). It will return (nil, false) when the
// parsing stops, either by reaching the end of the input or an
// error. After Next returns (nil, false), the Err method will return
// any error that occurred during parsing.
func (zp *ZoneParser) Next() (RR, bool) {
if zp.parseErr != nil {
return nil, false
}
if zp.sub != nil {
return zp.subNext()
}
// 6 possible beginnings of a line (_ is a space):
//
// 0. zRRTYPE -> all omitted until the rrtype
// 1. zOwner _ zRrtype -> class/ttl omitted
// 2. zOwner _ zString _ zRrtype -> class omitted
// 3. zOwner _ zString _ zClass _ zRrtype -> ttl/class
// 4. zOwner _ zClass _ zRrtype -> ttl omitted
// 5. zOwner _ zClass _ zString _ zRrtype -> class/ttl (reversed)
//
// After detecting these, we know the zRrtype so we can jump to functions
// handling the rdata for each of these types.
2015-02-19 10:59:15 +00:00
st := zExpectOwnerDir // initial state
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
h := &zp.h
for l, ok := zp.c.Next(); ok; l, ok = zp.c.Next() {
// zlexer spotted an error already
Fix dominikh/go-tools nits (#758) * Remove unused functions and consts * Address gosimple nits * Address staticcheck nits This excludes several that were intentional or weren't actual errors. * Reduce size of lex struct This reduces the size of the lex struct by 8 bytes from: lex.token string: 0-16 (size 16, align 8) lex.tokenUpper string: 16-32 (size 16, align 8) lex.length int: 32-40 (size 8, align 8) lex.err bool: 40-41 (size 1, align 1) lex.value uint8: 41-42 (size 1, align 1) padding: 42-48 (size 6, align 0) lex.line int: 48-56 (size 8, align 8) lex.column int: 56-64 (size 8, align 8) lex.torc uint16: 64-66 (size 2, align 2) padding: 66-72 (size 6, align 0) lex.comment string: 72-88 (size 16, align 8) to: lex.token string: 0-16 (size 16, align 8) lex.tokenUpper string: 16-32 (size 16, align 8) lex.length int: 32-40 (size 8, align 8) lex.err bool: 40-41 (size 1, align 1) lex.value uint8: 41-42 (size 1, align 1) lex.torc uint16: 42-44 (size 2, align 2) padding: 44-48 (size 4, align 0) lex.line int: 48-56 (size 8, align 8) lex.column int: 56-64 (size 8, align 8) lex.comment string: 64-80 (size 16, align 8) * Reduce size of response struct This reduces the size of the response struct by 8 bytes from: response.msg []byte: 0-24 (size 24, align 8) response.hijacked bool: 24-25 (size 1, align 1) padding: 25-32 (size 7, align 0) response.tsigStatus error: 32-48 (size 16, align 8) response.tsigTimersOnly bool: 48-49 (size 1, align 1) padding: 49-56 (size 7, align 0) response.tsigRequestMAC string: 56-72 (size 16, align 8) response.tsigSecret map[string]string: 72-80 (size 8, align 8) response.udp *net.UDPConn: 80-88 (size 8, align 8) response.tcp net.Conn: 88-104 (size 16, align 8) response.udpSession *github.com/tmthrgd/dns.SessionUDP: 104-112 (size 8, align 8) response.writer github.com/tmthrgd/dns.Writer: 112-128 (size 16, align 8) response.wg *sync.WaitGroup: 128-136 (size 8, align 8) to: response.msg []byte: 0-24 (size 24, align 8) response.hijacked bool: 24-25 (size 1, align 1) response.tsigTimersOnly bool: 25-26 (size 1, align 1) padding: 26-32 (size 6, align 0) response.tsigStatus error: 32-48 (size 16, align 8) response.tsigRequestMAC string: 48-64 (size 16, align 8) response.tsigSecret map[string]string: 64-72 (size 8, align 8) response.udp *net.UDPConn: 72-80 (size 8, align 8) response.tcp net.Conn: 80-96 (size 16, align 8) response.udpSession *github.com/tmthrgd/dns.SessionUDP: 96-104 (size 8, align 8) response.writer github.com/tmthrgd/dns.Writer: 104-120 (size 16, align 8) response.wg *sync.WaitGroup: 120-128 (size 8, align 8)
2018-09-26 18:32:05 +00:00
if l.err {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError(l.token, l)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
2011-12-14 08:00:39 +00:00
switch st {
2015-02-19 10:59:15 +00:00
case zExpectOwnerDir:
2011-12-18 16:58:06 +00:00
// We can also expect a directive, like $TTL or $ORIGIN
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
if zp.defttl != nil {
h.Ttl = zp.defttl.ttl
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
h.Class = ClassINET
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
2011-12-14 08:00:39 +00:00
switch l.value {
2015-02-19 10:45:59 +00:00
case zNewline:
2015-02-19 10:59:15 +00:00
st = zExpectOwnerDir
2015-02-19 10:45:59 +00:00
case zOwner:
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
name, ok := toAbsoluteName(l.token, zp.origin)
if !ok {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("bad owner name", l)
2012-01-12 21:49:26 +00:00
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
h.Name = name
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
2015-02-19 10:59:15 +00:00
st = zExpectOwnerBl
case zDirTTL:
st = zExpectDirTTLBl
2015-02-19 10:45:59 +00:00
case zDirOrigin:
2015-02-19 10:59:15 +00:00
st = zExpectDirOriginBl
2015-02-19 10:45:59 +00:00
case zDirInclude:
2015-02-19 10:59:15 +00:00
st = zExpectDirIncludeBl
2015-02-19 10:45:59 +00:00
case zDirGenerate:
2015-02-19 10:59:15 +00:00
st = zExpectDirGenerateBl
2015-02-19 10:45:59 +00:00
case zRrtpe:
2012-02-27 20:12:04 +00:00
h.Rrtype = l.torc
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
2015-02-19 10:59:15 +00:00
st = zExpectRdata
2015-02-19 10:45:59 +00:00
case zClass:
2012-02-27 20:12:04 +00:00
h.Class = l.torc
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
2015-02-19 10:59:15 +00:00
st = zExpectAnyNoClassBl
2015-02-19 10:45:59 +00:00
case zBlank:
// Discard, can happen when there is nothing on the
// line except the RR type
2015-02-19 10:45:59 +00:00
case zString:
ttl, ok := stringToTTL(l.token)
if !ok {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("not a TTL", l)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
h.Ttl = ttl
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
if zp.defttl == nil || !zp.defttl.isByDirective {
zp.defttl = &ttlState{ttl, false}
}
2012-02-27 20:12:04 +00:00
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
st = zExpectAnyNoTTLBl
2011-12-14 08:00:39 +00:00
default:
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("syntax error at beginning", l)
}
2015-02-19 10:59:15 +00:00
case zExpectDirIncludeBl:
2015-02-19 10:45:59 +00:00
if l.value != zBlank {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("no blank after $INCLUDE-directive", l)
2011-12-14 08:00:39 +00:00
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
2015-02-19 10:59:15 +00:00
st = zExpectDirInclude
case zExpectDirInclude:
2015-02-19 10:45:59 +00:00
if l.value != zString {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("expecting $INCLUDE value, not this...", l)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
neworigin := zp.origin // There may be optionally a new origin set after the filename, if not use current one
switch l, _ := zp.c.Next(); l.value {
2015-02-19 10:45:59 +00:00
case zBlank:
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
l, _ := zp.c.Next()
2015-02-19 10:45:59 +00:00
if l.value == zString {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
name, ok := toAbsoluteName(l.token, zp.origin)
if !ok {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("bad origin name", l)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
neworigin = name
}
2015-02-19 10:45:59 +00:00
case zNewline, zEOF:
// Ok
default:
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
return zp.setParseError("garbage after $INCLUDE", l)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
if !zp.includeAllowed {
return zp.setParseError("$INCLUDE directive not allowed", l)
}
if zp.includeDepth >= maxIncludeDepth {
return zp.setParseError("too deeply nested $INCLUDE", l)
}
// Start with the new file
includePath := l.token
if !filepath.IsAbs(includePath) {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
includePath = filepath.Join(filepath.Dir(zp.file), includePath)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
r1, e1 := os.Open(includePath)
2012-01-21 22:42:33 +00:00
if e1 != nil {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
var as string
if !filepath.IsAbs(l.token) {
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper to ZoneParser * Surface $INCLUDE os.Open error in error message * Rename ZoneParser.include field to includeDepth * Make maximum $INCLUDE depth a const * Add ParseZone and ZoneParser benchmarks * Parse $GENERATE directive with a single ZoneParser This should be more efficient than calling NewRR for each generated record. * Run go fmt on generate_test.go * Add a benchmark for $GENERATE directives * Use a custom reader for generate This avoids the overhead and memory usage of building the zone string. name old time/op new time/op delta Generate-12 165µs ± 4% 157µs ± 2% -5.06% (p=0.000 n=25+25) name old alloc/op new alloc/op delta Generate-12 42.1kB ± 0% 31.8kB ± 0% -24.42% (p=0.000 n=20+23) name old allocs/op new allocs/op delta Generate-12 1.56k ± 0% 1.55k ± 0% -0.38% (p=0.000 n=25+25) * Return correct ParseError from generateReader The last commit made these regular errors while they had been ParseErrors before. * Return error message as string from modToPrintf This is slightly simpler and they don't need to be errors. * Skip setting includeDepth in generate This sub parser isn't allowed to use $INCLUDE directives anyway. Note: If generate is ever changed to allow $INCLUDE directives, then this line must be added back. Without doing that, it would be be possible to exceed maxIncludeDepth. * Make generateReader errors sticky ReadByte should not be called after an error has been returned, but this is cheap insurance. * Move file and lex fields to end of generateReader These are only used for creating a ParseError and so are unlikely to be accessed. * Don't return offset with error in modToPrintf Along for the ride, are some whitespace and style changes. * Add whitespace to generate and simplify step * Use a for loop instead of goto in generate * Support $INCLUDE directives inside $GENERATE directives This was previously supported and may be useful. This is now more rigorous as the maximum include depth is respected and relative $INCLUDE directives are now supported from within $GENERATE. * Don't return any lexer tokens after read error Without this, read errors are likely to be lost and become parse errors of the remaining str. The $GENERATE code relies on surfacing errors from the reader. * Support $INCLUDE in NewRR and ReadRR Removing $INCLUDE support from these is a breaking change and should not be included in this pull request. * Add test to ensure $GENERATE respects $INCLUDE support * Unify TestZoneParserIncludeDisallowed with other tests * Remove stray whitespace from TestGenerateSurfacesErrors * Move ZoneParser SetX methods above Err method * $GENERATE should not accept step of 0 If step is allowed to be 0, then generateReader (and the code it replaced) will get stuck in an infinite loop. This is a potential DOS vulnerability. * Fix ReadRR comment for file argument I missed this previosuly. The file argument is also used to resolve relative $INCLUDE directives. * Prevent test panics on nil error * Rework ZoneParser.subNext This is slightly cleaner and will close the underlying *os.File even if an error occurs. * Make ZoneParser.generate call subNext This also moves the calls to setParseError into generate. * Report errors when parsing rest of $GENERATE directive * Report proper error location in $GENERATE directive This makes error messages much clearer. * Simplify modToPrintf func Note: When width is 0, the leading 0 of the fmt string is now excluded. This should not alter the formatting of numbers in anyway. * Add comment explaining sub field * Remove outdated error comment from generate
2018-10-20 01:17:56 +00:00
as = fmt.Sprintf(" as `%s'", includePath)
}
Add new ZoneParser API (#794) * Improve ParseZone tests * Add new ZoneParser API * Use the ZoneParser API directly in ReadRR * Merge parseZoneHelper into ParseZone * Make generate string building slightly more efficient * Add SetDefaultTTL method to ZoneParser This makes it possible for external consumers to implement ReadRR. * Make $INCLUDE directive opt-in The $INCLUDE directive opens a user controlled file and parses it as a DNS zone file. The error messages may reveal portions of sensitive files, such as: /etc/passwd: dns: not a TTL: "root:x:0:0:root:/root:/bin/bash" at line: 1:31 /etc/shadow: dns: not a TTL: "root:$6$<redacted>::0:99999:7:::" at line: 1:125 Both ParseZone and ReadRR are currently opt-in for backward compatibility. * Disable $INCLUDE support in ReadRR ReadRR and NewRR are often passed untrusted input. At the same time, $INCLUDE isn't really useful for ReadRR as it only ever returns the first record. This is a breaking change, but it currently represents a slight security risk. * Document the need to drain the ParseZone chan * Cleanup the documentation of NewRR, ReadRR and ParseZone * Document the ZoneParser API * Deprecated the ParseZone function * Add whitespace to ZoneParser.Next * Remove prevName field from ZoneParser This doesn't track anything meaningful as both zp.prevName and h.Name are only ever set at the same point and to the same value. * Use uint8 for ZoneParser.include field It has a maximum value of 7 which easily fits within uint8. This reduces the size of ZoneParser from 160 bytes to 152 bytes. * Add setParseError helper