1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00

dnsserver: Tighten DNS name checking

Add checks for the maximum permitted length, maximum number of labels
and the maximum label length.  These extra checks will be used by the
DNS wild card handling.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12952
This commit is contained in:
Gary Lockyer 2017-08-03 15:12:51 +12:00 committed by Garming Sam
parent 1184770a76
commit 34acf5a992
2 changed files with 32 additions and 6 deletions

View File

@ -18,6 +18,9 @@ import "misc.idl", "dnsp.idl";
interface dns interface dns
{ {
const int DNS_SERVICE_PORT = 53; const int DNS_SERVICE_PORT = 53;
const int DNS_MAX_LABELS = 127;
const int DNS_MAX_DOMAIN_LENGTH = 253;
const int DNS_MAX_LABEL_LENGTH = 63;
typedef [public,bitmap16bit] bitmap { typedef [public,bitmap16bit] bitmap {
DNS_RCODE = 0x000F, DNS_RCODE = 0x000F,

View File

@ -246,26 +246,49 @@ static int rec_cmp(const struct dnsp_DnssrvRpcRecord *r1,
} }
/* /*
* Check for valid DNS names. These are names which are non-empty, do not * Check for valid DNS names. These are names which:
* start with a dot and do not have any empty segments. * - are non-empty
* - do not start with a dot
* - do not have any empty labels
* - have no more than 127 labels
* - are no longer than 253 characters
* - none of the labels exceed 63 characters
*/ */
WERROR dns_name_check(TALLOC_CTX *mem_ctx, size_t len, const char *name) WERROR dns_name_check(TALLOC_CTX *mem_ctx, size_t len, const char *name)
{ {
size_t i; size_t i;
unsigned int labels = 0;
unsigned int label_len = 0;
if (len == 0) { if (len == 0) {
return WERR_DS_INVALID_DN_SYNTAX; return WERR_DS_INVALID_DN_SYNTAX;
} }
if (len > 1 && name[0] == '.') {
return WERR_DS_INVALID_DN_SYNTAX;
}
if ((len - 1) > DNS_MAX_DOMAIN_LENGTH) {
return WERR_DS_INVALID_DN_SYNTAX;
}
for (i = 0; i < len - 1; i++) { for (i = 0; i < len - 1; i++) {
if (name[i] == '.' && name[i+1] == '.') { if (name[i] == '.' && name[i+1] == '.') {
return WERR_DS_INVALID_DN_SYNTAX; return WERR_DS_INVALID_DN_SYNTAX;
} }
} if (name[i] == '.') {
labels++;
if (len > 1 && name[0] == '.') { if (labels > DNS_MAX_LABELS) {
return WERR_DS_INVALID_DN_SYNTAX; return WERR_DS_INVALID_DN_SYNTAX;
} }
label_len = 0;
} else {
label_len++;
if (label_len > DNS_MAX_LABEL_LENGTH) {
return WERR_DS_INVALID_DN_SYNTAX;
}
}
}
return WERR_OK; return WERR_OK;
} }