Validate the input domain name.

bytecodealliance · Oct 3, 2023 · 12977e4 · 12977e4
1 parent 6e2605b
commit 12977e4
Show file tree

Hide file tree

Showing 5 changed files with 17 additions and 5 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -270,6 +270,7 @@ pretty_env_logger = "0.5.0"
 syn = "2.0.25"
 test-log = { version = "0.2", default-features = false, features = ["trace"] }
 tracing-subscriber = { version = "0.3.1", default-features = false, features = ['fmt', 'env-filter'] }
+url = "2.3.1"
 
 [features]
 default = [

diff --git a/crates/test-programs/wasi-sockets-tests/src/bin/ip_name_lookup.rs b/crates/test-programs/wasi-sockets-tests/src/bin/ip_name_lookup.rs
@@ -11,10 +11,8 @@ fn main() {
     poll::poll_one(&pollable);
     assert!(addresses.resolve_next_address().is_ok());
 
-    let addresses = ip_name_lookup::resolve_addresses(&network, "a.b<&>", None, false).unwrap();
-    let pollable = addresses.subscribe();
-    poll::poll_one(&pollable);
-    assert!(addresses.resolve_next_address().is_err());
+    let result = ip_name_lookup::resolve_addresses(&network, "a.b<&>", None, false);
+    assert!(matches!(result, Err(network::ErrorCode::InvalidName)));
 
     // Try resolving a valid address and ensure that it eventually terminates.
     // To help prevent this test from being flaky this additionally times out

diff --git a/crates/wasi/Cargo.toml b/crates/wasi/Cargo.toml
@@ -22,6 +22,7 @@ wiggle = { workspace = true, optional = true }
 libc = { workspace = true }
 once_cell = { workspace = true }
 log = { workspace = true }
+url = { workspace = true }
 
 tokio = { workspace = true, optional = true, features = ["time", "sync", "io-std", "io-util", "rt", "rt-multi-thread", "net"] }
 bytes = { workspace = true }

diff --git a/crates/wasi/src/preview2/ip_name_lookup.rs b/crates/wasi/src/preview2/ip_name_lookup.rs
@@ -26,7 +26,18 @@ impl<T: WasiView> Host for T {
         family: Option<IpAddressFamily>,
         include_unavailable: bool,
     ) -> Result<Resource<ResolveAddressStream>, Error> {
-        if !self.table().get_resource(&network)?.allow_ip_name_lookup {
+        let network = self.table().get_resource(&network)?;
+
+        // `Host::parse` serves us two functions:
+        // 1. validate the input is not an IP address,
+        // 2. convert unicode domains to punycode.
+        let name = match url::Host::parse(&name).map_err(|_| ErrorCode::InvalidName)? {
+            url::Host::Domain(name) => name,
+            url::Host::Ipv4(_) => return Err(ErrorCode::InvalidName.into()),
+            url::Host::Ipv6(_) => return Err(ErrorCode::InvalidName.into()),
+        };
+
+        if !network.allow_ip_name_lookup {
             return Err(ErrorCode::PermanentResolverFailure.into());
         }