net: bring domain name length checks into RFC compliance

The 255-octet limit applies to wire format, not presentation format. Fixes #17549 Change-Id: I2b5181c53fba32fea60178e0d8df9114aa992b55 Reviewed-on: https://go-review.googlesource.com/31722 Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org>
2025-12-08 06:10:04 +00:00 · 2016-10-22 00:21:18 -04:00 · 2016-10-22 00:21:18 -04:00 · 9a5bddd7ed
commit 9a5bddd7ed
parent add721ef91
4 changed files with 90 additions and 21 deletions
--- a/src/net/dnsclient_unix.go
+++ b/src/net/dnsclient_unix.go
@ -362,14 +362,21 @@ func (conf *dnsConfig) nameList(name string) []string {
 		return nil
 	}

+	// Check name length (see isDomainName).
+	l := len(name)
+	rooted := l > 0 && name[l-1] == '.'
+	if l > 254 || l == 254 && rooted {
+		return nil
+	}
+
 	// If name is rooted (trailing dot), try only that name.
-	rooted := len(name) > 0 && name[len(name)-1] == '.'
 	if rooted {
 		return []string{name}
 	}

 	hasNdots := count(name, '.') >= conf.ndots
 	name += "."
+	l++

 	// Build list of search choices.
 	names := make([]string, 0, 1+len(conf.search))
@ -377,9 +384,11 @@ func (conf *dnsConfig) nameList(name string) []string {
 	if hasNdots {
 		names = append(names, name)
 	}
-	// Try suffixes.
+	// Try suffixes that are not too long (see isDomainName).
 	for _, suffix := range conf.search {
-		names = append(names, name+suffix)
+		if l+len(suffix) <= 254 {
+			names = append(names, name+suffix)
+		}
 	}
 	// Try unsuffixed, if not tried first above.
 	if !hasNdots {