[PATCH 1/2] udhcpd: sanitize invalid hostnames to match rfcs
walter harms
wharms at bfs.de
Sun Oct 18 17:55:38 UTC 2015
Am 18.10.2015 07:54, schrieb Isaac Dunham:
> RFC952/RFC1123 limit the characters in a hostname for a node to
> [-a-zA-Z0-9], with '-' being legal only in the middle; we were
> accepting everything from ' ' to '~'.
> (As a byproduct of this, the hostname in dumpleases can now be safely
> used from scripts without sanitization.)
>
> function old new delta
> add_lease 326 363 +37
> ------------------------------------------------------------------------------
> (add/remove: 0/0 grow/shrink: 1/0 up/down: 37/0) Total: 37 bytes
> text data bss dec hex filename
> 892983 6844 7288 907115 dd76b busybox_old
> 893020 6844 7288 907152 dd790 busybox_unstripped
> ---
> networking/udhcp/leases.c | 13 ++++++++++---
> 1 file changed, 10 insertions(+), 3 deletions(-)
>
> diff --git a/networking/udhcp/leases.c b/networking/udhcp/leases.c
> index 745340a..1f7af87 100644
> --- a/networking/udhcp/leases.c
> +++ b/networking/udhcp/leases.c
> @@ -65,12 +65,19 @@ struct dyn_lease* FAST_FUNC add_lease(
> if (hostname_len > sizeof(oldest->hostname))
> hostname_len = sizeof(oldest->hostname);
> p = safe_strncpy(oldest->hostname, hostname, hostname_len);
> - /* sanitization (s/non-ASCII/^/g) */
> + /* sanitization - per rfcs 952 & 1123 only [-a-zA-Z0-9] are legal
> + * with '-' being allowed only in the middle
> + */
> while (*p) {
> - if (*p < ' ' || *p > 126)
> - *p = '^';
> + if (! (isupper((char)*p) || islower((char)*p) ||
> + isdigit((char)*p) || (char)*p == '-') )
> + *p = '-';
> p++;
> }
> + if (p--, *p == '-')
> + *p = 'X';
> + if (p = oldest->hostname, *p == '-')
> + *p = 'X';
> }
> if (chaddr)
> memcpy(oldest->lease_mac, chaddr, 6);
since several tools check for hostnames,
maybe it is useful to make this a function ?
re,
wh
More information about the busybox
mailing list