cvs commit: src/sbin/dhclient dhclient.c
Brooks Davis
brooks at FreeBSD.org
Tue Aug 30 18:25:40 GMT 2005
brooks 2005-08-30 18:20:47 UTC
FreeBSD src repository
Modified files:
sbin/dhclient dhclient.c
Log:
Introduce a new helper function check_search() derived for res_hnok to
check the domain-name parameter according to the rules for "search"
strings as documented in resolv.conf(5). Specifically, the string must
be no more than 256 bytes long and contain no more than six valid domain
names separated by white space.
The previous unchecked values could result in a mangled resolv.conf
file which could effectively deny access to local sites. This is not
a security issue as rogue dhcp servers could already do this without
sending invalid strings.
Reviewed by: cperciva
MFC After: 3 days
Revision Changes Path
1.10 +56 -0 src/sbin/dhclient/dhclient.c
More information about the cvs-src
mailing list