1 files changed, 14 insertions, 48 deletions
diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c
index 5a1f8fd7a..6422181da 100644
--- a/networking/udhcp/dhcpc.c
+++ b/networking/udhcp/dhcpc.c
@@ -159,61 +159,27 @@ static int mton(uint32_t mask)
 }
 #if ENABLE_FEATURE_UDHCPC_SANITIZEOPT
-/* Check if a given label represents a valid DNS label
+/* Check if a given name represents a valid DNS name */
- * Return pointer to the first character after the label
+/* See RFC1035, 2.3.1 */
- * (NUL or dot) upon success, NULL otherwise.
- * See RFC1035, 2.3.1
- */
 /* We don't need to be particularly anal. For example, allowing _, hyphen
 * at the end, or leading and trailing dots would be ok, since it
- * can't be used for attacks. (Leading hyphen can be, if someone uses
+ * can't be used for attacks. (Leading hyphen can be, if someone uses cmd "$hostname"
- * cmd "$hostname"
 * in the script: then hostname may be treated as an option)
 */
-static const char *valid_domain_label(const char *label)
-{
-        unsigned char ch;
-        //unsigned pos = 0;
-        if (label[0] == '-')
-                return NULL;
-        for (;;) {
-                ch = *label;
-                if ((ch|0x20) < 'a' || (ch|0x20) > 'z') {
-                        if (ch < '0' || ch > '9') {
-                                if (ch == '\0' || ch == '.')
-                                        return label;
-                                /* DNS allows only '-', but we are more permissive */
-                                if (ch != '-' && ch != '_')
-                                        return NULL;
-                        }
-                }
-                label++;
-                //pos++;
-                //Do we want this?
-                //if (pos > 63) /* NS_MAXLABEL; labels must be 63 chars or less */
-                //      return NULL;
-        }
-}
-/* Check if a given name represents a valid DNS name */
-/* See RFC1035, 2.3.1 */
 static int good_hostname(const char *name)
 {
-        //const char *start = name;
+        if (*name == '-') /* Can't start with '-' */
+                return 0;
-        for (;;) {
-                name = valid_domain_label(name);
+        while (*name) {
-                if (!name)
+                unsigned char ch = *name++;
-                        return 0;
+                if (!isalnum(ch))
-                if (!name[0])
+                        /* DNS allows only '-', but we are more permissive */
-                        return 1;
+                        if (ch != '-' && ch != '_' && ch != '.')
-                        //Do we want this?
+                                return 0;
-                        //return ((name - start) < 1025); /* NS_MAXDNAME */
+                // TODO: do we want to validate lengths against NS_MAXLABEL and NS_MAXDNAME?
-                name++;
-                if (*name == '\0')
-                        return 1; // We allow trailing dot too
        }
+        return 1;
 }
 #else
 # define good_hostname(name) 1

diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c index 5a1f8fd7a..6422181da 100644 --- a/networking/udhcp/dhcpc.c +++ b/networking/udhcp/dhcpc.c
@@ -159,61 +159,27 @@ static int mton(uint32_t mask)
159	}	159	}
160		160
161	#if ENABLE_FEATURE_UDHCPC_SANITIZEOPT	161	#if ENABLE_FEATURE_UDHCPC_SANITIZEOPT
162	/* Check if a given label represents a valid DNS label	162	/* Check if a given name represents a valid DNS name */
163	* Return pointer to the first character after the label	163	/* See RFC1035, 2.3.1 */
164	* (NUL or dot) upon success, NULL otherwise.
165	* See RFC1035, 2.3.1
166	*/
167	/* We don't need to be particularly anal. For example, allowing _, hyphen	164	/* We don't need to be particularly anal. For example, allowing _, hyphen
168	* at the end, or leading and trailing dots would be ok, since it	165	* at the end, or leading and trailing dots would be ok, since it
169	* can't be used for attacks. (Leading hyphen can be, if someone uses	166	* can't be used for attacks. (Leading hyphen can be, if someone uses cmd "$hostname"
170	* cmd "$hostname"
171	* in the script: then hostname may be treated as an option)	167	* in the script: then hostname may be treated as an option)
172	*/	168	*/
173	static const char valid_domain_label(const char label)
174	{
175	unsigned char ch;
176	//unsigned pos = 0;
177
178	if (label[0] == '-')
179	return NULL;
180	for (;;) {
181	ch = *label;
182	if ((ch\|0x20) < 'a' \|\| (ch\|0x20) > 'z') {
183	if (ch < '0' \|\| ch > '9') {
184	if (ch == '\0' \|\| ch == '.')
185	return label;
186	/* DNS allows only '-', but we are more permissive */
187	if (ch != '-' && ch != '_')
188	return NULL;
189	}
190	}
191	label++;
192	//pos++;
193	//Do we want this?
194	//if (pos > 63) /* NS_MAXLABEL; labels must be 63 chars or less */
195	// return NULL;
196	}
197	}
198
199	/* Check if a given name represents a valid DNS name */
200	/* See RFC1035, 2.3.1 */
201	static int good_hostname(const char *name)	169	static int good_hostname(const char *name)
202	{	170	{
203	//const char *start = name;	171	if (name == '-') / Can't start with '-' */
204		172	return 0;
205	for (;;) {	173
206	name = valid_domain_label(name);	174	while (*name) {
207	if (!name)	175	unsigned char ch = *name++;
208	return 0;	176	if (!isalnum(ch))
209	if (!name[0])	177	/* DNS allows only '-', but we are more permissive */
210	return 1;	178	if (ch != '-' && ch != '_' && ch != '.')
211	//Do we want this?	179	return 0;
212	//return ((name - start) < 1025); /* NS_MAXDNAME */	180	// TODO: do we want to validate lengths against NS_MAXLABEL and NS_MAXDNAME?
213	name++;
214	if (*name == '\0')
215	return 1; // We allow trailing dot too
216	}	181	}
		182	return 1;
217	}	183	}
218	#else	184	#else
219	# define good_hostname(name) 1	185	# define good_hostname(name) 1