Date: Tue, 30 Aug 2005 18:20:47 +0000 (UTC) From: Brooks Davis <brooks@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sbin/dhclient dhclient.c Message-ID: <200508301820.j7UIKl1w001255@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
brooks 2005-08-30 18:20:47 UTC FreeBSD src repository Modified files: sbin/dhclient dhclient.c Log: Introduce a new helper function check_search() derived for res_hnok to check the domain-name parameter according to the rules for "search" strings as documented in resolv.conf(5). Specifically, the string must be no more than 256 bytes long and contain no more than six valid domain names separated by white space. The previous unchecked values could result in a mangled resolv.conf file which could effectively deny access to local sites. This is not a security issue as rogue dhcp servers could already do this without sending invalid strings. Reviewed by: cperciva MFC After: 3 days Revision Changes Path 1.10 +56 -0 src/sbin/dhclient/dhclient.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200508301820.j7UIKl1w001255>