Subject: Net::DNS better verification... bug/feature?
Date: Fri, 23 Jan 2015 00:42:54 +0100
To: bug-Net-DNS [...] rt.cpan.org
From: Jan-Pieter Cornet <johnpc [...] xs4all.net>
Hi,
Not sure if it's considered a bug or a feature that Net::DNS silently ignores several input errors. At XS4ALL, we are trying to use it for input verification, but it's currently ignoring most errors.
I've attached a patch that adds input verification for A and AAAA records, and that makes sure additional tokens aren't being ignored.
As an example, the following records are currently (Net::DNS 0.82) parsed without any warning:
$ perl -MNet::DNS -wnle 'Net::DNS::RR->new($_)'
x A 1.2.3.4 5
x A 1.2.3.4.5
x AAAA ::1::2
^D
Note that the patch to detect unprocessed tokens in Net::DNS::RR sub _new_string is ugly, but this is just a quick first pass. It's probably better to change every sub parse_rdata in each Net::DNS::RR::* subclass, and end it with something like: @_ and die "Extra tokens @_ for " . $self->name() . " " . $self->type();
This will break backward compatibility for those who are currently relying on the fact that Net::DNS silently ignores most errors. Not sure if anyone does that, on purpose.
Also, the test cases in t/05-AAAA.t had some illegal IPv6 addresses in the last block (stuff like "1:"). I've removed all IPv6 addresses that libc inet_pton() doesn't parse, as those are all rejected by the new Net::DNS::RR::AAAA.
Likewise, IPv4 addresses such as 1.258 are rejected because the previous Net::DNS::RR::A implementation parsed those differently than libc did (libc turns it into 1.0.1.2, while Net::DNS::RR::A turns it into 1.0.0.2, truncating the high bits off of the 258).
If you believe that this feature is beneficial, I'm willing to invest some more time in verification of other resource records, or at least the most common ones. Also if you think this might be a good thing but in a slightly different way, let me know and I can submit a modified patch. (Should there be a full-backward-compatibility switch?)
Best regards,
--
Jan-Pieter Cornet <johnpc@xs4all.net>
Systeembeheer XS4ALL Internet bv
www.xs4all.nl
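
The kind of strict check the message asks for, as an added example that is not part of the original message, the attached patch, or Net::DNS itself. It assumes simple one-line "owner [ttl] [class] TYPE address" records and uses inet_pton() from the core Socket module; check_address_rr and the sample list are hypothetical names made up for this illustration.

```perl
#!/usr/bin/perl
# Added example (not from the ticket or Net::DNS): strict pre-check for
# simple "owner [ttl] [class] TYPE address" lines used as untrusted input.
use strict;
use warnings;
use Socket qw(inet_pton AF_INET AF_INET6);

# Record types this check covers, mapped to their address family.
my %FAMILY = ( A => AF_INET, AAAA => AF_INET6 );

# Returns undef when the line is acceptable, otherwise an error string.
sub check_address_rr {
    my ($line) = @_;
    my @tok   = split ' ', $line;
    my $owner = shift @tok;
    return "empty record" unless defined $owner;

    # Skip an optional TTL and class, in either order.
    shift @tok while @tok && $tok[0] =~ /^(?:\d+|IN|CH|HS)$/i;

    my $type = uc( shift(@tok) // '' );
    return "type '$type' not covered by this check"
        unless exists $FAMILY{$type};

    my $addr = shift @tok;
    return "missing address for $owner $type" unless defined $addr;

    # Anything left over is rejected instead of being silently dropped.
    return "extra tokens '@tok' for $owner $type" if @tok;

    # inet_pton() returns undef for text that is not a complete address;
    # for AF_INET it accepts only a full four-part dotted quad.
    return "invalid address '$addr' for $owner $type"
        unless defined inet_pton( $FAMILY{$type}, $addr );
    return;
}

# Constructed sample input: two valid records, then the cases from the message.
my @samples = (
    'x A 1.2.3.4',   'x 3600 IN AAAA ::1',
    'x A 1.2.3.4 5', 'x A 1.2.3.4.5',
    'x AAAA ::1::2', 'x A 1.258',
    'x AAAA 1:',
);
for my $line (@samples) {
    my $err = check_address_rr($line);
    printf "%-20s %s\n", $line, defined $err ? "REJECT: $err" : 'ok';
}
```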