From owner-cvs-all@FreeBSD.ORG  Tue Aug 30 18:25:39 2005
Return-Path: <owner-cvs-all@FreeBSD.ORG>
X-Original-To: cvs-all@FreeBSD.org
Delivered-To: cvs-all@FreeBSD.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4D91C16A446;
	Tue, 30 Aug 2005 18:25:39 +0000 (GMT)
	(envelope-from brooks@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 632914402F;
	Tue, 30 Aug 2005 18:20:47 +0000 (GMT)
	(envelope-from brooks@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.1/8.13.1) with ESMTP id j7UIKlD1001256;
	Tue, 30 Aug 2005 18:20:47 GMT
	(envelope-from brooks@repoman.freebsd.org)
Received: (from brooks@localhost)
	by repoman.freebsd.org (8.13.1/8.13.1/Submit) id j7UIKl1w001255;
	Tue, 30 Aug 2005 18:20:47 GMT (envelope-from brooks)
Message-Id: <200508301820.j7UIKl1w001255@repoman.freebsd.org>
From: Brooks Davis <brooks@FreeBSD.org>
Date: Tue, 30 Aug 2005 18:20:47 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: src/sbin/dhclient dhclient.c
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Aug 2005 18:25:44 -0000

brooks      2005-08-30 18:20:47 UTC

  FreeBSD src repository

  Modified files:
    sbin/dhclient        dhclient.c 
  Log:
  Introduce a new helper function check_search() derived for res_hnok to
  check the domain-name parameter according to the rules for "search"
  strings as documented in resolv.conf(5).  Specifically, the string must
  be no more than 256 bytes long and contain no more than six valid domain
  names separated by white space.
  
  The previous unchecked values could result in a mangled resolv.conf
  file which could effectively deny access to local sites.  This is not
  a security issue as rogue dhcp servers could already do this without
  sending invalid strings.
  
  Reviewed by:    cperciva
  MFC After:      3 days
  
  Revision  Changes    Path
  1.10      +56 -0     src/sbin/dhclient/dhclient.c