Skip to content

Commit

Permalink
Fixed a few max-length bugs
Browse files Browse the repository at this point in the history 
1. email addresses can be up to 256 characters (not 254)
2. local-parts can be up to 64 characters (not 63)
3. each sub-domain can be up to 64 characters (not 63)
4. top-level domains cannot be fewer than 2 characters
  • Loading branch information
@jstedfast
jstedfast committed Nov 15, 2020
1 parent 0380694 commit 298cd95
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 9 deletions.
8 changes: 6 additions & 2 deletions EmailValidation/EmailValidator.cs
View file
Expand Up @@ -139,7 +139,11 @@ static bool SkipSubDomain (string text, ref int index, bool allowInternational,
while (index < text.Length && IsDomain (text[index], allowInternational, ref type))
index++;

return (index - startIndex) < 64 && text[index - 1] != '-';
// Don't allow single-character top-level domains.
if (index == text.Length && (index - startIndex) == 1)
return false;

return (index - startIndex) <= 64 && text[index - 1] != '-';
}

static bool SkipDomain (string text, ref int index, bool allowTopLevelDomains, bool allowInternational)
Expand Down Expand Up @@ -326,7 +330,7 @@ public static bool Validate (string email, bool allowTopLevelDomains = false, bo
if (email == null)
throw new ArgumentNullException (nameof (email));

if (email.Length == 0 || email.Length >= 255)
if (email.Length == 0 || email.Length > 256)
return false;

// Local-part = Dot-string / Quoted-string
Expand Down
16 changes: 9 additions & 7 deletions UnitTests/EmailValidationTests.cs
View file
Expand Up @@ -53,7 +53,7 @@ public class EmailValidationTests
"valid.ipv6v4.addr@[IPv6:aaaa:aaaa:aaaa:aaaa:aaaa:aaaa:127.0.0.1]",
new string ('a', 63) + "@example.com", // max local-part length (63 characters)
"valid@" + new string ('a', 63) + ".com", // max subdomain length (63 characters)
"valid@" + new string ('a', 60) + "." + new string ('b', 60) + "." + new string ('c', 60) + "." + new string ('d', 61) + ".com", // max length (254 characters)
"valid@" + new string ('a', 60) + "." + new string ('b', 60) + "." + new string ('c', 60) + "." + new string ('d', 63) + ".com", // max length (256 characters)

// examples from wikipedia
"niceandsimple@example.com",
Expand Down Expand Up @@ -94,7 +94,7 @@ public class EmailValidationTests
"punycode-numbers-in-tld@sld.xn--3e0b707e",
"single-character-in-sld@x.org",
"the-character-limit@for-each-part.of-the-domain.is-sixty-three-characters.this-is-exactly-sixty-three-characters-so-it-is-valid-blah-blah.com",
"the-total-length@of-an-entire-address.cannot-be-longer-than-two-hundred-and-fifty-four-characters.and-this-address-is-254-characters-exactly.so-it-should-be-valid.and-im-going-to-add-some-more-words-here.to-increase-the-length-blah-blah-blah-blah-bla.org",
"the-total-length@of-an-entire-address.cannot-be-longer-than-two-hundred-and-fifty-six-characters.and-this-address-is-256-characters-exactly.so-it-should-be-valid.and-im-going-to-add-some-more-words-here.to-increase-the-length-blah-blah-blah-blah-blah.org",
"uncommon-tld@sld.mobi",
"uncommon-tld@sld.museum",
"uncommon-tld@sld.travel",
Expand All @@ -110,9 +110,9 @@ public class EmailValidationTests
"invalid@[127.0.0.1.]",
"invalid@[127.0.0.1].",
"invalid@[127.0.0.1]x",
new string ('a', 64) + "@example.com", // local-part too long
"invalid@" + new string ('a', 64) + ".com", // subdomain too long
"invalid@" + new string ('a', 60) + "." + new string ('b', 60) + "." + new string ('c', 60) + "." + new string ('d', 60) + ".com", // too long (255 characters)
new string ('a', 65) + "@example.com", // local-part too long
"invalid@" + new string ('a', 65) + ".com", // subdomain too long
"invalid@" + new string ('a', 60) + "." + new string ('b', 60) + "." + new string ('c', 60) + "." + new string ('d', 62) + ".com", // too long (256 characters)

// examples from wikipedia
"Abc.example.com",
Expand All @@ -139,11 +139,13 @@ public class EmailValidationTests
"missing-tld@sld.",
"sld-ends-with-dash@sld-.com",
"sld-starts-with-dashsh@-sld.com",
"the-character-limit@for-each-part.of-the-domain.is-sixty-three-characters.this-is-exactly-sixty-four-characters-so-it-is-invalid-blah-blah.com",
"the-character-limit@for-each-part.of-the-domain.is-sixty-four-characters.this-subdomain-is-exactly-sixty-five-characters-so-it-is-invalid1.com",
"the-local-part-is-invalid-if-it-is-longer-than-sixty-four-characters@sld.net",
"the-total-length@of-an-entire-address.cannot-be-longer-than-two-hundred-and-fifty-four-characters.and-this-address-is-255-characters-exactly.so-it-should-be-invalid.and-im-going-to-add-some-more-words-here.to-increase-the-lenght-blah-blah-blah-blah-bl.org",
"the-total-length@of-an-entire-address.cannot-be-longer-than-two-hundred-and-fifty-six-characters.and-this-address-is-257-characters-exactly.so-it-should-be-invalid.lets-add-some-extra-words-here.to-increase-the-length.beyond-the-256-character-limitation.org",
"two..consecutive-dots@sld.com",
"unbracketed-IP@127.0.0.1",
"dot-first-in-domain@.test.de",
"single-character-tld@ns.i",

// examples of real (invalid) input from real users.
"No longer available.",
Expand Down

0 comments on commit 298cd95

Please sign in to comment.