diff --git a/lib/dnsbox-base/src/records/powerdns_tests.rs b/lib/dnsbox-base/src/records/powerdns_tests.rs index 503f1bc..5956100 100644 --- a/lib/dnsbox-base/src/records/powerdns_tests.rs +++ b/lib/dnsbox-base/src/records/powerdns_tests.rs @@ -828,6 +828,8 @@ fn test_invalid_data_checks() { check_invalid_zone(types::A, "10..0.1"); // empty octet check_invalid_wire(types::A, b"\xca\xec\x00"); // truncated wire value check_invalid_zone(types::A, "127.0.0.1 evil data"); // trailing garbage + check_invalid_zone(types::TXT, r#"""v=spf1 -all"#); // quoted and unquoted words need to be space separated + check_invalid_zone(types::TXT, r#"""v=spf1 -all"""#); // quoted and unquoted words need to be space separated check_invalid_zone(types::AAAA, "23:00"); // time when this test was written check_invalid_zone(types::AAAA, "23:00::15::43"); // double compression check_invalid_zone(types::AAAA, "2a23:00::15::"); // ditto diff --git a/lib/dnsbox-base/src/ser/text/quoted.rs b/lib/dnsbox-base/src/ser/text/quoted.rs index f77ce4b..f3d98ed 100644 --- a/lib/dnsbox-base/src/ser/text/quoted.rs +++ b/lib/dnsbox-base/src/ser/text/quoted.rs @@ -143,6 +143,10 @@ impl<'a, 'b: 'a> Iterator for UnquoteIterator<'a, 'b> { } if raw[self.pos] == b'"' { if self.quoted { + // either followed by end-of-string or a whitespace + if self.pos+1 < raw.len() && !is_ascii_whitespace(raw[self.pos+1]) { + return self.err("quote in the middle of quoted string"); + } // eat terminating quote // pos+1 is obviously a good utf-8 boundary *self.data = self.data[self.pos+1..].trim_left();