From c79d2f05c4dea4d2ce50d6961b4afa3280f18698 Mon Sep 17 00:00:00 2001
From: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Date: Wed, 1 Nov 2023 14:21:22 +0300
Subject: [PATCH] fix trailing dot (#4295)

* fix trailing dot

* remove trailing dot from `domain`

* remove trailing dots from answer

* remove dots

* fix integration test
---
 integration_tests/protocols/multi/dynamic-values.yaml         | 2 +-
 integration_tests/protocols/multi/evaluate-variables.yaml     | 2 +-
 integration_tests/protocols/multi/exported-response-vars.yaml | 2 +-
 pkg/protocols/dns/operators.go                                | 2 +-
 pkg/protocols/dns/request.go                                  | 1 +
 pkg/tmplexec/multiproto/testcases/multiprotodynamic.yaml      | 2 +-
 pkg/tmplexec/multiproto/testcases/multiprotowithprefix.yaml   | 2 +-
 7 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/integration_tests/protocols/multi/dynamic-values.yaml b/integration_tests/protocols/multi/dynamic-values.yaml
index 12f429ce5..2bd311348 100644
--- a/integration_tests/protocols/multi/dynamic-values.yaml
+++ b/integration_tests/protocols/multi/dynamic-values.yaml
@@ -13,7 +13,7 @@ dns:
       - type: dsl
         name: blogid
         dsl:
-          - trim_suffix(cname,'.ghost.io.')
+          - trim_suffix(cname,'.ghost.io')
         internal: true
 
 http:
diff --git a/integration_tests/protocols/multi/evaluate-variables.yaml b/integration_tests/protocols/multi/evaluate-variables.yaml
index 49b223856..f1a6fd98c 100644
--- a/integration_tests/protocols/multi/evaluate-variables.yaml
+++ b/integration_tests/protocols/multi/evaluate-variables.yaml
@@ -7,7 +7,7 @@ info:
 
 
 variables:
-  cname_filtered: '{{trim_suffix(dns_cname,".ghost.io.")}}'
+  cname_filtered: '{{trim_suffix(dns_cname,".ghost.io")}}'
 
 dns:
   - name: "{{FQDN}}" # DNS Request
diff --git a/integration_tests/protocols/multi/exported-response-vars.yaml b/integration_tests/protocols/multi/exported-response-vars.yaml
index b6ba3ea24..1edfa65f3 100644
--- a/integration_tests/protocols/multi/exported-response-vars.yaml
+++ b/integration_tests/protocols/multi/exported-response-vars.yaml
@@ -21,6 +21,6 @@ http:
       - type: dsl
         dsl:
           - contains(http_body,'ProjectDiscovery.io') # check for http string
-          - trim_suffix(dns_cname,'.ghost.io.') == 'projectdiscovery' # check for cname (extracted information from dns response)
+          - trim_suffix(dns_cname,'.ghost.io') == 'projectdiscovery' # check for cname (extracted information from dns response)
           - ssl_subject_cn == 'blog.projectdiscovery.io'
         condition: and
\ No newline at end of file
diff --git a/pkg/protocols/dns/operators.go b/pkg/protocols/dns/operators.go
index a4d57b2ec..5fa5fe290 100644
--- a/pkg/protocols/dns/operators.go
+++ b/pkg/protocols/dns/operators.go
@@ -159,7 +159,7 @@ func recordsKeyValue(resourceRecords []dns.RR) output.InternalEvent {
 	var oe = make(output.InternalEvent)
 	for _, resourceRecord := range resourceRecords {
 		key := strings.ToLower(dns.TypeToString[resourceRecord.Header().Rrtype])
-		value := strings.ReplaceAll(resourceRecord.String(), resourceRecord.Header().String(), "")
+		value := strings.TrimSuffix(strings.ReplaceAll(resourceRecord.String(), resourceRecord.Header().String(), ""), ".")
 
 		// if the key is already present, we need to convert the value to a slice
 		// if the key has slice, then append the value to the slice
diff --git a/pkg/protocols/dns/request.go b/pkg/protocols/dns/request.go
index faa981da6..2b6705584 100644
--- a/pkg/protocols/dns/request.go
+++ b/pkg/protocols/dns/request.go
@@ -103,6 +103,7 @@ func (request *Request) execute(input *contextargs.Context, domain string, metad
 		question = compiledRequest.Question[0].Name
 	}
 	// remove the last dot
+	domain = strings.TrimSuffix(domain, ".")
 	question = strings.TrimSuffix(question, ".")
 
 	requestString := compiledRequest.String()
diff --git a/pkg/tmplexec/multiproto/testcases/multiprotodynamic.yaml b/pkg/tmplexec/multiproto/testcases/multiprotodynamic.yaml
index 278dc8303..edb20dfd3 100644
--- a/pkg/tmplexec/multiproto/testcases/multiprotodynamic.yaml
+++ b/pkg/tmplexec/multiproto/testcases/multiprotodynamic.yaml
@@ -13,7 +13,7 @@ dns:
       - type: dsl
         name: blogid
         dsl:
-          - trim_suffix(cname,'.ghost.io.')
+          - trim_suffix(cname,'.ghost.io')
         internal: true
 
 
diff --git a/pkg/tmplexec/multiproto/testcases/multiprotowithprefix.yaml b/pkg/tmplexec/multiproto/testcases/multiprotowithprefix.yaml
index cc161796e..61dc410ae 100644
--- a/pkg/tmplexec/multiproto/testcases/multiprotowithprefix.yaml
+++ b/pkg/tmplexec/multiproto/testcases/multiprotowithprefix.yaml
@@ -21,6 +21,6 @@ http:
       - type: dsl
         dsl:
           - contains(http_body,'ProjectDiscovery.io') # check for http string
-          - trim_suffix(dns_cname,'.ghost.io.') == 'projectdiscovery' # check for cname (extracted information from dns response)
+          - trim_suffix(dns_cname,'.ghost.io') == 'projectdiscovery' # check for cname (extracted information from dns response)
           - ssl_subject_cn == 'blog.projectdiscovery.io'
         condition: and
\ No newline at end of file