From: Ken Raeburn Date: Tue, 9 Jul 2002 18:16:00 +0000 (+0000) Subject: * hst_realm.c (krb5_get_host_realm): Return KRB5_ERR_NUMERIC_REALM if the X-Git-Tag: krb5-1.3-alpha1~600 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=11c20954ab6a7f1915702b465aa404375489e463;p=krb5.git * hst_realm.c (krb5_get_host_realm): Return KRB5_ERR_NUMERIC_REALM if the hostname is a numeric-address form. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14619 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index 3cbe50c13..a1176306c 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,8 @@ +2002-07-09 Ken Raeburn + + * hst_realm.c (krb5_get_host_realm): Return KRB5_ERR_NUMERIC_REALM + if the hostname is a numeric-address form. + 2002-07-08 Ken Raeburn * localaddr.c (get_localaddrs): Split out main body of diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index 4238f5e54..2485c8710 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -280,6 +280,28 @@ krb5_get_host_realm(context, host, realmsp) char local_host[MAX_DNS_NAMELEN+1]; if (host) { + /* Filter out numeric addresses if the caller utterly failed to + convert them to names. */ + /* IPv4 - dotted quads only */ + if (strspn(host, "01234567890.") == strlen(host)) { + /* All numbers and dots... if it's three dots, it's an + IP address, and we reject it. But "12345" could be + a local hostname, couldn't it? We'll just assume + that a name with three dots is not meant to be an + all-numeric hostname three all-numeric domains down + from the current domain. */ + int ndots = 0; + const char *p; + for (p = host; *p; p++) + if (*p == '.') + ndots++; + if (ndots == 3) + return KRB5_ERR_NUMERIC_REALM; + } + if (strchr(host, ':')) + /* IPv6 numeric address form? Bye bye. */ + return KRB5_ERR_NUMERIC_REALM; + /* Should probably error out if strlen(host) > MAX_DNS_NAMELEN. */ strncpy(local_host, host, sizeof(local_host)); local_host[sizeof(local_host) - 1] = '\0';