From 1dfbf0007af3023c2e3ae8282a0d0f229f3a89e3 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Sun, 29 Nov 2015 14:27:28 +0100 Subject: dns-domain: don't accept overly long hostnames Make sure dns_name_normalize(), dns_name_concat(), dns_name_is_valid() do not accept/generate invalidly long hostnames, i.e. longer than 253 characters. --- src/shared/dns-domain.c | 3 +++ src/shared/dns-domain.h | 3 +++ src/test/test-dns-domain.c | 18 ++++++++++++++++++ 3 files changed, 24 insertions(+) diff --git a/src/shared/dns-domain.c b/src/shared/dns-domain.c index 7a4093cc47..ab61eb3b6e 100644 --- a/src/shared/dns-domain.c +++ b/src/shared/dns-domain.c @@ -442,6 +442,9 @@ int dns_name_concat(const char *a, const char *b, char **_ret) { n += r; } + if (n > DNS_HOSTNAME_MAX) + return -EINVAL; + if (_ret) { if (!GREEDY_REALLOC(ret, allocated, n + 1)) return -ENOMEM; diff --git a/src/shared/dns-domain.h b/src/shared/dns-domain.h index c68f1945e1..44a9975541 100644 --- a/src/shared/dns-domain.h +++ b/src/shared/dns-domain.h @@ -31,6 +31,9 @@ /* Worst case length of a single label, with all escaping applied and room for a trailing NUL byte. */ #define DNS_LABEL_ESCAPED_MAX (DNS_LABEL_MAX*4+1) +/* Maximum length of a full hostname, consisting of a series of unescaped labels, and no trailing dot or NUL byte */ +#define DNS_HOSTNAME_MAX 253 + int dns_label_unescape(const char **name, char *dest, size_t sz); int dns_label_unescape_suffix(const char *name, const char **label_end, char *dest, size_t sz); int dns_label_escape(const char *p, size_t l, char *dest, size_t sz); diff --git a/src/test/test-dns-domain.c b/src/test/test-dns-domain.c index 7ad59d378a..3e470c0ef2 100644 --- a/src/test/test-dns-domain.c +++ b/src/test/test-dns-domain.c @@ -314,6 +314,24 @@ static void test_dns_name_is_valid(void) { test_dns_name_is_valid_one("\\zbar", 0); test_dns_name_is_valid_one("รค", 1); test_dns_name_is_valid_one("\n", 0); + + /* 256 characters*/ + test_dns_name_is_valid_one("a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345", 0); + + /* 255 characters*/ + test_dns_name_is_valid_one("a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a1234", 0); + + /* 254 characters*/ + test_dns_name_is_valid_one("a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a123", 0); + + /* 253 characters*/ + test_dns_name_is_valid_one("a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12345678.a12", 1); + + /* label of 64 chars length */ + test_dns_name_is_valid_one("a123456789a123456789a123456789a123456789a123456789a123456789a123", 0); + + /* label of 63 chars length */ + test_dns_name_is_valid_one("a123456789a123456789a123456789a123456789a123456789a123456789a12", 1); } static void test_dns_service_name_is_valid(void) { -- cgit v1.2.3-54-g00ecf