BIND allows “*” to be used as a normal character in any position.
The wildcard "*" is supposed to appear only in the lowest level of a domain name, however, as described in CVE-2020-8619, bind allows the use of "*" in any byte of a zone file, which may lead to security issues. As far as I know, in the BIND 9.17.5 version that I use, BIND treats "*" as a normal character like "abcd", and also allows other characters like "?". Is this what BIND expects? BIND may not pay enough attention to the abuse of "*". This is my zone file
com.example.*. 500 IN SOA ns1.outside.edu. root.campus.edu. 3 6048 86400 2419200 6048
com.example.*. 500 IN NS ns1.outside.edu.
com.example.*. 500 IN A 1.1.1.1
This is my query <example.com.example.*. IN A> The response is
“opcode QUERY”,
“rcode NOERROR”,
“flags QR AA”,
“;QUESTION”,
"example.com.example.*. IN A",
“;ANSWER”,
“example.com.example.*. 500 IN A 1.1.1.1",
“;AUTHORITY”,
"com.example.. 500 IN NS ns1.outside.edu.”,
“;ADDITIONAL”