fix(runtime): fix panic on invalid fqdn

Fixes denoland#23552 Fixes denoland#23294
littledivy · Jun 26, 2024 · f03b3e2 · f03b3e2
1 parent a1ff1a4
commit f03b3e2
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 17 deletions.
diff --git a/runtime/ops/permissions.rs b/runtime/ops/permissions.rs
@@ -68,7  68,7 @@ pub fn op_query_permission(
         Some(h) => Some(parse_host(h)?),
       }
       .as_ref(),
-    ),
     )?,
     "env" => permissions.env.query(args.variable.as_deref()),
     "sys" => permissions
       .sys
@@ -103,7  103,7 @@ pub fn op_revoke_permission(
         Some(h) => Some(parse_host(h)?),
       }
       .as_ref(),
-    ),
     )?,
     "env" => permissions.env.revoke(args.variable.as_deref()),
     "sys" => permissions
       .sys
@@ -138,7  138,7 @@ pub fn op_request_permission(
         Some(h) => Some(parse_host(h)?),
       }
       .as_ref(),
-    ),
     )?,
     "env" => permissions.env.request(args.variable.as_deref()),
     "sys" => permissions
       .sys

diff --git a/runtime/permissions/lib.rs b/runtime/permissions/lib.rs
@@ -16,7  16,6 @@ use deno_core::url;
 use deno_core::url::Url;
 use deno_core::ModuleSpecifier;
 use deno_terminal::colors;
-use fqdn::fqdn;
 use fqdn::FQDN;
 use once_cell::sync::Lazy;
 use std::borrow::Cow;
@@ -694,8  693,9 @@ impl Descriptor for WriteDescriptor {
 pub struct NetDescriptor(pub FQDN, pub Option<u16>);
 
 impl NetDescriptor {
-  fn new<T: AsRef<str>>(host: &&(T, Option<u16>)) -> Self {
-    NetDescriptor(fqdn!(host.0.as_ref()), host.1)
   fn new<T: AsRef<str>>(host: &&(T, Option<u16>)) -> Result<Self, AnyError> {
     let fqdn = host.0.as_ref().parse::<FQDN>()?;
     Ok(NetDescriptor(fqdn, host.1))
   }
 }
 
@@ -741,7  741,8 @@ impl FromStr for NetDescriptor {
       .ok_or(url::ParseError::EmptyHost)?
       .to_string();
 
-    Ok(NetDescriptor(fqdn!(&hostname), url.port()))
     let fqdn = hostname.parse::<FQDN>()?;
     Ok(NetDescriptor(fqdn, url.port()))
   }
 }
 
@@ -1108,25  1109,32 @@ impl UnaryPermission<NetDescriptor> {
   pub fn query<T: AsRef<str>>(
     &self,
     host: Option<&(T, Option<u16>)>,
-  ) -> PermissionState {
-    self.query_desc(
-      host.map(|h| NetDescriptor::new(&h)).as_ref(),
   ) -> Result<PermissionState, AnyError> {
     Ok(self.query_desc(
       host.map(|h| NetDescriptor::new(&h)).transpose()?.as_ref(),
       AllowPartial::TreatAsPartialGranted,
-    )
     ))
   }
 
   pub fn request<T: AsRef<str>>(
     &mut self,
     host: Option<&(T, Option<u16>)>,
-  ) -> PermissionState {
-    self.request_desc(host.map(|h| NetDescriptor::new(&h)).as_ref(), || None)
   ) -> Result<PermissionState, AnyError> {
     Ok(self.request_desc(
       host.map(|h| NetDescriptor::new(&h)).transpose()?.as_ref(),
       || None,
     ))
   }
 
   pub fn revoke<T: AsRef<str>>(
     &mut self,
     host: Option<&(T, Option<u16>)>,
-  ) -> PermissionState {
-    self.revoke_desc(host.map(|h| NetDescriptor::new(&h)).as_ref())
   ) -> Result<PermissionState, AnyError> {
     Ok(
       self.revoke_desc(
         host.map(|h| NetDescriptor::new(&h)).transpose()?.as_ref(),
       ),
     )
   }
 
   pub fn check<T: AsRef<str>>(
@@ -1135,7  1143,7 @@ impl UnaryPermission<NetDescriptor> {
     api_name: Option<&str>,
   ) -> Result<(), AnyError> {
     skip_check_if_is_permission_fully_granted!(self);
-    self.check_desc(Some(&NetDescriptor::new(&host)), false, api_name, || None)
     self.check_desc(Some(&NetDescriptor::new(&host)?), false, api_name, || None)
   }
 
   pub fn check_url(
@@ -1153,7  1161,7 @@ impl UnaryPermission<NetDescriptor> {
       None => hostname.clone(),
       Some(port) => format!("{hostname}:{port}"),
     };
-    self.check_desc(Some(&NetDescriptor::new(&host)), false, api_name, || {
     self.check_desc(Some(&NetDescriptor::new(&host)?), false, api_name, || {
       Some(format!("\"{}\"", display_host))
     })
   }

diff --git a/tests/unit/net_test.ts b/tests/unit/net_test.ts
@@ -1272,3  1272,10 @@ Deno.test(
     // calling [Symbol.dispose] after manual close is a no-op
   },
 );
 
 Deno.test(
   { permissions: { net: false } },
   function invalidFQDN() {
     assertThrows(() => Deno.connect({ hostname: "[email protected].", port: 1 }));
   },
 );