CVS commit: [netbsd-5-0] src/external/bsd/dhcpcd/dist

[Manuel Bouyer]

Module Name:    src
Committed By:   bouyer
Date:           Sat May 21 13:31:00 UTC 2011

Modified Files:
        src/external/bsd/dhcpcd/dist [netbsd-5-0]: dhcp.c dhcpcd-run-hooks.8.in
            dhcpcd-run-hooks.in
        src/external/bsd/dhcpcd/dist/dhcpcd-hooks [netbsd-5-0]: 20-resolv.conf
            30-hostname

Log Message:
Apply patch, requested by spz in ticket 1603:
        external/bsd/dhcpcd/dist/dhcp.c                         patch
        external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in          patch
        external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in            patch
        external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf    patch
        external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname       patch
Escape | and & characters before passing the value to the shell
Ensure we set a valid hostname, DNS domain and NIS domain.
Document the need for input validation in dhcpcd-run-hooks(8).
Fixes CVE-2011-996


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.2.6.2.2.1 -r1.1.1.2.6.2.2.2 \
    src/external/bsd/dhcpcd/dist/dhcp.c
cvs rdiff -u -r1.1.1.2.6.1.2.1 -r1.1.1.2.6.1.2.2 \
    src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in
cvs rdiff -u -r1.1.1.2.6.1 -r1.1.1.2.6.1.2.1 \
    src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in
cvs rdiff -u -r1.1.1.2 -r1.1.1.2.10.1 \
    src/external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf \
    src/external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/external/bsd/dhcpcd/dist/dhcp.c
diff -u src/external/bsd/dhcpcd/dist/dhcp.c:1.1.1.2.6.2.2.1 src/external/bsd/dhcpcd/dist/dhcp.c:1.1.1.2.6.2.2.2
--- src/external/bsd/dhcpcd/dist/dhcp.c:1.1.1.2.6.2.2.1	Tue Aug  4 20:23:37 2009
+++ src/external/bsd/dhcpcd/dist/dhcp.c	Sat May 21 13:31:00 2011
@@ -1056,6 +1056,8 @@
 			case '$':  /* FALLTHROUGH */
 			case '`':  /* FALLTHROUGH */
 			case '\\': /* FALLTHROUGH */
+			case '|':  /* FALLTHROUGH */
+			case '&':
 				if (s) {
 					if (len < 3) {
 						errno = ENOBUFS;

Index: src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in
diff -u src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in:1.1.1.2.6.1.2.1 src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in:1.1.1.2.6.1.2.2
--- src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in:1.1.1.2.6.1.2.1	Tue Aug  4 20:23:37 2009
+++ src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.8.in	Sat May 21 13:31:00 2011
@@ -1,4 +1,4 @@
-.\" Copyright 2006-2008 Roy Marples
+.\" Copyright (c) 2006-2011 Roy Marples
 .\" All rights reserved
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -112,3 +112,11 @@
 .An Roy Marples <r...@marples.name>
 .Sh BUGS
 Please report them to http://roy.marples.name/projects/dhcpcd
+.Sh SECURITY CONSIDERATIONS 
+Little validation of DHCP options is done in dhcpcd itself. 
+Instead, it is up to the hooks to handle any validation needed. 
+To this end, some helper functions are provided, such as valid_domainname as 
+used by the 
+.Pa 20-resolv.conf 
+hook to ensure that the hostname is not set to an invalid value. 
+valid_path is also provided, but is currently unused by a stock hook script. 

Index: src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in
diff -u src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in:1.1.1.2.6.1 src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in:1.1.1.2.6.1.2.1
--- src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in:1.1.1.2.6.1	Fri Feb  6 02:25:38 2009
+++ src/external/bsd/dhcpcd/dist/dhcpcd-run-hooks.in	Sat May 21 13:31:00 2011
@@ -115,6 +115,46 @@
 	mv -f "$1"-pre."${interface}" "$1"
 }
 
+# Check for a valid domain name as per RFC1123 with the exception of 
+# allowing - and _ as they seem to be widely used. 
+valid_domainname() 
+{ 
+        local name="$1" label 
+ 
+        [ -z "$name" -o ${#name} -gt 255 ] && return 1 
+         
+        while [ -n "$name" ]; do 
+                label="${name%%.*}" 
+                [ -z "$label" -o ${#label} -gt 63 ] && return 1 
+                case "$label" in 
+                -*|_*|*-|*_)            return 1;; 
+                *[![:alnum:]-_]*)       return 1;; 
+                esac 
+                [ "$name" = "${name#*.}" ] && break 
+                name="${name#*.}" 
+        done 
+        return 0         
+} 
+ 
+valid_domainname_list() 
+{ 
+        local name 
+ 
+        for name in $@; do 
+                valid_domainname "$name" || return $? 
+        done 
+        return 0 
+} 
+ 
+# Check for a valid path 
+valid_path() 
+{ 
+        case "$@" in 
+        *[![:alnum:]#%+-_:\.,@~\\/\[\]=\ ]*) return 1;; 
+        esac 
+        return 0 
+} 
+
 
 # We source each script into this one so that scripts run earlier can
 # remove variables from the environment so later scripts don't see them.

Index: src/external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf
diff -u src/external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf:1.1.1.2 src/external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf:1.1.1.2.10.1
--- src/external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf:1.1.1.2	Fri Sep 19 22:59:58 2008
+++ src/external/bsd/dhcpcd/dist/dhcpcd-hooks/20-resolv.conf	Sat May 21 13:31:00 2011
@@ -67,9 +67,19 @@
 	fi
 
 	if [ -n "${new_domain_search}" ]; then
-		conf="${conf}search ${new_domain_search}\n"
+		if valid_domainname_list; then
+			conf="${conf}search ${new_domain_search}\n"
+		else
+			syslog err "Invalid domain name in list: $new_domain_search"
+		fi
 	elif [ -n "${new_domain_name}" ]; then
-		conf="${conf}search ${new_domain_name}\n"
+		set -- $new_domain_name
+		new_domain_name="$1"
+		if valid_domainname "$new_domain_name"; then
+			conf="${conf}search ${new_domain_name}\n"
+		else
+			syslog err "Invalid domain name: $new_domain_name"
+		fi
 	fi
 	for x in ${new_domain_name_servers}; do
 		conf="${conf}nameserver ${x}\n"
Index: src/external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname
diff -u src/external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname:1.1.1.2 src/external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname:1.1.1.2.10.1
--- src/external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname:1.1.1.2	Fri Sep 19 22:59:58 2008
+++ src/external/bsd/dhcpcd/dist/dhcpcd-hooks/30-hostname	Sat May 21 13:31:00 2011
@@ -12,13 +12,22 @@
 	esac
 }
 
+try_hostname() 
+{       
+	if valid_domainname "$1"; then
+		hostname "$1" 
+	else    
+		syslog err "Invalid hostname: $1"
+	fi      
+}      
+
 set_hostname()
 {
 	if need_hostname; then
 		if [ -n "${new_host_name}" ]; then
-			hostname "${new_host_name}"
+			try_hostname "${new_host_name}"
 		else
-			hostname "${new_fqdn_name}"
+			try_hostname "${new_fqdn_name}"
 		fi
 	fi
 }