bd9891dc4d
Perhaps the ugliest part of the DNS extension, it is also the most crucial. This method ensures that a given resource and response are appropriate for each other. It must also prevent RCE vulns since the input is eval'd later on. However, HINFO, MINFO, and especially TXT validation is not strict enough. These three need to be reviewed scrupulously since a 100% anti-RCE solution may prove to be difficult.