[PATCH 1/2] udhcpd: sanitize invalid hostnames to match rfcs
Denys Vlasenko
vda.linux at googlemail.com
Sat Oct 24 02:54:27 UTC 2015
On Fri, Oct 23, 2015 at 6:39 AM, Isaac Dunham <ibid.ag at gmail.com> wrote:
> On Tue, Oct 20, 2015 at 11:51:51AM +0200, Bernhard Reutner-Fischer wrote:
>> [Isaac wrote:]
>> >udhcpc and dnsd might be able to use it.
>> >Other networking tools (that do DNS lookups) could use it, or could
>> >simply trust that if the user inputs an invalid name, either the DNS
>> >system will catch it or it will resolve despite the standards.
>> >
> <snip>
>> >
>> >> In a first step it would be sufficient to move this code into a
>> >function
>> >> and then look for more uses.
>> >
>> >Due to the subtle variations in what we need to cover, a function
>> >*will*
>> >be larger than the inline code, and will also require thought as to
>> >what
>> >it should cover.
>> >I don't think it's sensible to move it into a function before
>> >determining
>> >what it should do, and that it really is useful.
>>
>> bugs.busybox.net/3979#c2
>>
>> I wouldn't support broken names, it doesn't make real sense.
>>
> Agreed.
>
> What I'm not sure about is what response to bad names does make sense.
> There are several different contexts:
> - what do we do in DNS clients (netcat, wget, et al)?
> - what do we do in the DNS server?
> (I presume skip the record and return NXDOMAIN.)
> - what do we do in the DHCP server?
> Set it to an arbitrary string? (Not nice for my application, since if
> multiple clients send bad strings, you end up with multiple hosts named
> 'bad')
> Sanitize the name? (We were doing this poorly, hence my patch.)
> Clear the name? (I need a hostname generator anyhow, so this would
> be nicest for me.)
> - what about dumpleases?
> (I'd planned on fixing the DHCP server, and relying on that. But it would
> be proper to apply the same fix...)
> - what do we do in the DHCP client?
> (this is the only one that's been 'solved'.)
>
> My question was whether generalizing the 'sanitize hostname' code made
> sense. Seeing that bug, I suspect that's a better function to use for
> at least everything but the DHCP server and dumpleases.
I committed this change:
- /* sanitization (s/non-ASCII/^/g) */
+ /*
+ * Sanitization (s/bad_char/./g).
+ * The intent is not to allow only "DNS-valid"
hostnames,
+ * but merely make dumpleases output safe for
shells to use.
+ * We accept "0-9A-Za-z._-", all other chars
turn to dots.
+ */
while (*p) {
- if (*p < ' ' || *p > 126)
- *p = '^';
+ if (!isalnum(*p) && *p != '-' && *p != '_')
+ *p = '.';
p++;
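Review bot: in the new test `if (!isalnum(*p) && *p != '-' && *p != '_')`, `*p` reaches isalnum() without a cast. The declaration of p is not in the visible lines, but if it is a plain `char *` on a platform where char is signed, any byte above 0x7f becomes a negative argument, which the <ctype.h> functions do not define behaviour for. isalnum() is also locale-dependent, so the accepted set can be wider than the "0-9A-Za-z" the comment promises. Suggest `isalnum((unsigned char)*p)` or explicit ASCII range checks. Separately, since the comment states the goal is making dumpleases output safe for shells to use, note that a name beginning with '-' passes through unchanged and can be read as an option by whatever command receives it; consider turning a leading '-' into a dot as well, or documenting that callers must handle it.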