net: consider rejecting null byte in LookupHost (and similar) on all platforms consistently #37044
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
This is a followup to issues #31597 and #37031.
It is my current understanding that no valid host can contain the null byte ('\x00'), so any such string input is not valid.
net.LookupHost
currently operates differently when given an input that contains a null byte. For example, fornet.LookupHost("foo\x00bar")
:net.LookupHost("foo")
It seems that the
getaddrinfo
C API used on many platforms accepts a null-terminated C-style string and cannot be given a string containing null bytes.As @ianlancetaylor points out, in the
syscall
package we reject strings with embedded null bytes, since they won't work with system calls that expect C strings, seesyscall.ByteSliceFromString
.Perhaps this is an opportunity to make Go operate more consistently on such inputs on all platforms by reporting an error when the
name
string contains a null byte. There may be more functions innet
that could benefit from this input validation, but to be able to make this change, we need to be confident that this change won't break correct Go programs./cc @FiloSottile @ianlancetaylor @mikioh @bradfitz
The text was updated successfully, but these errors were encountered: