[PATCH 1/2] udhcpd: sanitize invalid hostnames to match rfcs

Denys Vlasenko vda.linux at googlemail.com
Sat Oct 24 02:54:27 UTC 2015


On Fri, Oct 23, 2015 at 6:39 AM, Isaac Dunham <ibid.ag at gmail.com> wrote:
> On Tue, Oct 20, 2015 at 11:51:51AM +0200, Bernhard Reutner-Fischer wrote:
>> [Isaac wrote:]
>> >udhcpc and dnsd might be able to use it.
>> >Other networking tools (that do DNS lookups) could use it, or could
>> >simply trust that if the user inputs an invalid name, either the DNS
>> >system will catch it or it will resolve despite the standards.
>> >
> <snip>
>> >
>> >> In a first step it would be sufficient to move this code into a
>> >> function and then look for more uses.
>> >
>> >Due to the subtle variations in what we need to cover, a function
>> >*will* be larger than the inline code, and will also require thought
>> >as to what it should cover.
>> >I don't think it's sensible to move it into a function before
>> >determining what it should do, and that it really is useful.
>>
>> bugs.busybox.net/3979#c2
>>
>> I wouldn't support broken names, it doesn't make real sense.
>>
> Agreed.
>
> What I'm not sure about is what response to bad names does make sense.
> There are several different contexts:
> - what do we do in DNS clients (netcat, wget, et al)?
> - what do we do in the DNS server?
>  (I presume skip the record and return NXDOMAIN.)
> - what do we do in the DHCP server?
>  Set it to an arbitrary string? (Not nice for my application, since if
>  multiple clients send bad strings, you end up with multiple hosts named
>  'bad')
>  Sanitize the name? (We were doing this poorly, hence my patch.)
>  Clear the name? (I need a hostname generator anyhow, so this would
>  be nicest for me.)
> - what about dumpleases?
>  (I'd planned on fixing the DHCP server, and relying on that. But it would
>  be proper to apply the same fix...)
> - what do we do in the DHCP client?
>  (this is the only one that's been 'solved'.)
>
> My question was whether generalizing the 'sanitize hostname' code made
> sense. Seeing that bug, I suspect that's a better function to use for
> at least everything but the DHCP server and dumpleases.

I committed this change:

-                       /* sanitization (s/non-ASCII/^/g) */
+                       /*
+                        * Sanitization (s/bad_char/./g).
+                        * The intent is not to allow only "DNS-valid"
hostnames,
+                        * but merely make dumpleases output safe for
shells to use.
+                        * We accept "0-9A-Za-z._-", all other chars
turn to dots.
+                        */
                        while (*p) {
-                               if (*p < ' ' || *p > 126)
-                                       *p = '^';
+                               if (!isalnum(*p) && *p != '-' && *p != '_')
+                                       *p = '.';
                                p++;
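
Review bot: the new condition `if (!isalnum(*p) && *p != '-' && *p != '_')` passes `*p` straight to isalnum(), and the declaration of `p` is not visible in this hunk. If `p` is a plain `char *` on a platform where char is signed, the bytes above 126 that the removed `*p > 126` test handled explicitly can arrive as negative values, which the standard ctype functions do not define unless the argument is cast to unsigned char. The standard isalnum() is also locale-dependent, while the new comment promises exactly "0-9A-Za-z._-". Explicit ASCII range comparisons, or a cast plus a note on which isalnum() is in use here, would make the code match the comment. Second, the comment gives the goal as making dumpleases output safe for shells to use, yet '-' is accepted in any position, so a name that begins with '-' passes through unchanged and a command receiving it as an argument can parse it as an option. Consider turning a leading '-' into a dot as well, or documenting that callers must guard against it. A small point on the comment itself: '.' is listed as accepted but is not tested in the condition; this works only because a dot is rewritten to a dot, which deserves a word in the comment.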
