1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
--- usr.sbin/rtsold/rtsol.c.orig
+++ usr.sbin/rtsold/rtsol.c
@@ -776,6 +776,41 @@
argv[0], status);
}
+#define PERIOD 0x2e
+#define hyphenchar(c) ((c) == 0x2d)
+#define periodchar(c) ((c) == PERIOD)
+#define alphachar(c) (((c) >= 0x41 && (c) <= 0x5a) || \
+ ((c) >= 0x61 && (c) <= 0x7a))
+#define digitchar(c) ((c) >= 0x30 && (c) <= 0x39)
+
+#define borderchar(c) (alphachar(c) || digitchar(c))
+#define middlechar(c) (borderchar(c) || hyphenchar(c))
+
+static int
+res_hnok(const char *dn)
+{
+ int pch = PERIOD, ch = *dn++;
+
+ while (ch != '\0') {
+ int nch = *dn++;
+
+ if (periodchar(ch)) {
+ ;
+ } else if (periodchar(pch)) {
+ if (!borderchar(ch))
+ return (0);
+ } else if (periodchar(nch) || nch == '\0') {
+ if (!borderchar(ch))
+ return (0);
+ } else {
+ if (!middlechar(ch))
+ return (0);
+ }
+ pch = ch, ch = nch;
+ }
+ return (1);
+}
+
/* Decode domain name label encoding in RFC 1035 Section 3.1 */
static size_t
dname_labeldec(char *dst, size_t dlen, const char *src)
@@ -804,12 +839,11 @@
}
*dst = '\0';
- /*
- * XXX validate that domain name only contains valid characters
- * for two reasons: 1) correctness, 2) we do not want to pass
- * possible malicious, unescaped characters like `` to a script
- * or program that could be exploited that way.
- */
+ if (!res_hnok(dst_origin)) {
+ warnmsg(LOG_INFO, __func__,
+ "invalid domain name '%s' was ignored", dst_origin);
+ return (0);
+ }
return (src - src_origin);
}
|
