From 2e6cd26cecb7e2ea53db8aefa840f5a04bcfc0d1 Mon Sep 17 00:00:00 2001 From: Yiyang Kang Date: Wed, 23 Nov 2022 05:09:54 +0800 Subject: [PATCH 1/2] fix: domain name validation hopefully --- cmds/dig.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cmds/dig.go b/cmds/dig.go index e61c1ab..c168b56 100644 --- a/cmds/dig.go +++ b/cmds/dig.go @@ -12,6 +12,7 @@ import ( "time" "github.com/go-errors/errors" + "golang.org/x/net/idna" "git.gensokyo.cafe/kkyy/tgbot_misaka_5882f7/utils" ) @@ -27,7 +28,7 @@ var ( digErrInvalidArgs = fmt.Errorf("invalid request") - digDnsNameRe = regexp.MustCompile(`^([a-z0-9_-]+\.?)+|\.$`) + digIdnaMapper = idna.New(idna.MapForLookup(), idna.StrictDomainName(false)) ) type DigRequest struct { @@ -61,8 +62,8 @@ func NewDigRequest(req string) (*DigRequest, error) { return ret, nil } - name := strings.ToLower(args[0]) - if !digDnsNameRe.Match([]byte(name)) { + name, err := digIdnaMapper.ToASCII(args[0]) + if err != nil { return nil, digErrInvalidArgs } ret.Name = name From 0c70dc976a873a5b6f165dc041e402b6bd7f162b Mon Sep 17 00:00:00 2001 From: Yiyang Kang Date: Wed, 23 Nov 2022 05:10:20 +0800 Subject: [PATCH 2/2] build: update go.mod --- go.mod | 2 ++ go.sum | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/go.mod b/go.mod index fe355ed..d2f6cfa 100644 --- a/go.mod +++ b/go.mod @@ -7,6 +7,7 @@ require ( github.com/goccy/go-json v0.9.11 github.com/samber/lo v1.35.0 go.uber.org/zap v1.23.0 + golang.org/x/net v0.2.0 gopkg.in/telebot.v3 v3.1.2 ) @@ -14,4 +15,5 @@ require ( go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.8.0 // indirect golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 // indirect + golang.org/x/text v0.4.0 // indirect ) diff --git a/go.sum b/go.sum index 1dca0f4..9d2adf4 100644 --- a/go.sum +++ b/go.sum @@ -486,6 +486,8 @@ golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/net v0.2.0 h1:sZfSu1wtKLGlWI4ZZayP0ck9Y73K1ynO6gqzTdBVdPU= +golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -607,6 +609,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg= +golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=