Restrict dictionary names to ones that make sense

No control characters, etc.
The old code allowed ANYTHING as dictionary names, which is bad.

diff --git a/src/lib/dict.c b/src/lib/dict.c
index bdf80652d5fc52b02664b9252c5d591d72661a10..72ac60e81f249cd43dec1090540e7cfce622e6af 100644 (file)
--- a/src/lib/dict.c
+++ b/src/lib/dict.c
@@ -488,6 +488,7 @@ int dict_addattr(const char *name, int vendor, int type, int value,
 {
        size_t namelen;
        static int      max_attr = 0;
+       const char      *p;
        DICT_ATTR       *attr;
 
        namelen = strlen(name);
@@ -496,6 +497,23 @@ int dict_addattr(const char *name, int vendor, int type, int value,
                return -1;
        }
 
+       for (p = name; *p != '\0'; p++) {
+               if (*p < ' ') {
+                       fr_strerror_printf("dict_addattr: attribute name cannot contain control characters");
+                       return -1;
+               }
+
+               if ((*p == '"') || (*p == '\\')) {
+                       fr_strerror_printf("dict_addattr: attribute name cannot contain quotation or backslash");
+                       return -1;
+               }
+
+               if ((*p == '<') || (*p == '>') || (*p == '&')) {
+                       fr_strerror_printf("dict_addattr: attribute name cannot contain XML control characters");
+                       return -1;
+               }
+       }
+
        /*
         *      If the value is '-1', that means use a pre-existing
         *      one (if it already exists).  If one does NOT already exist,