LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Potential pitfalls in DNS handling

Potential pitfalls in DNS handling

Posted Nov 16, 2012 17:57 UTC (Fri) by hawk (subscriber, #3195)
In reply to: Potential pitfalls in DNS handling by epa
Parent article: Potential pitfalls in DNS handling

I guess the point is that "the common foo.bar.com DNS notation" is not really "DNS notation" at all but a common domain name notation used in the operating system/application layers regardless of resolution mechanism.

In fact, it's clearly a different notation from the one that the DNS protocol uses, so there being a difference in capability there is not hugely surprising.

For the actual DNS protocol it's not actually that shocking, there dots have no special meaning and the same applies to any other byte value.
Instead, of the dot-separation the DNS protocol prefixes each label by an integer specifying the length.

However, there being a difference between the capabilities of how domain names are handled by the OS/application and by DNS and possibly other resolution mechanisms in use clearly creates an opportunity for confusion/inconsistency/disaster/... when mapping between the native format of each resolution mechanism (the 8bit clean "DNS wire notation" in the case of DNS) and the "string representation with dot-separation".

I suppose the idea is that the resolver library in the operating system ought to take care of this mapping (escaping or discarding or whatever should be done for names that can not be represented in the dot-separated string notation) once and for all and let the applications just do their thing.

(Log in to post comments)

Potential pitfalls in DNS handling

Posted Nov 16, 2012 23:54 UTC (Fri) by Comet (subscriber, #11646) [Link]

The bind library does.

That doesn't stop people writing code like:

labels = result.split('.')
shorthost = labels[0]

If you split on '.', then you break when presented with the escaped form '\.' as you'll do an extra split. You might get away with it when only looking for the TLD, or just sorting data and rejoining the strings.

So, there's an escaping mechanism, it helps a lot of the time, but other times it produces surprising results and you need to at least know that the escaping mechanism is in use.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds