Context options' values are not validated
Closed this issue · 2 comments
If a value of the wrong type, or the wrong range/format, is passed to getdns.createContext(options) nothing happens.
The bad value is either:
- Ignored, if the type is wrong.
- Not set by getdns, as the return value from the call to
getdns_context_set_*is never checked.
This means users may not know that they misconfigured their getdns context. The worst output would be if a security settings would be wrong, such as dnssec_return_only_secure: 1 instead of dnssec_return_only_secure: true. This would silently fail and leave the value as the default dnssec_return_only_secure: false. The user would probably not check to see if all values had a good DNSSEC return value, but trust getdns-node to have done so before returning the replies, completely negating the security measure.
In a closely related issue, an unknown or misspelled property would also not render any feedback to the user. This means that dnsec_return_only_secure: true would be silently ignored, again leaving the user thinking that the replies would be secure when they might not be.
Two additional unhandled cases:
- The type of
optionsis notundefinednorobject. - The number of arguments to
createContext(...)is not0nor1.