Restrict dictionary names to ones that make sense

No control characters, etc.
The old code allowed ANYTHING as dictionary names, which is bad.

diff --git a/src/lib/dict.c b/src/lib/dict.c
index 8ca426c52de4093f9e1440569226a867e0cbf574..2f2dc40d262905bb8ed0aa0df836a5de9c6c5200 100644 (file)
--- a/src/lib/dict.c
+++ b/src/lib/dict.c
@@ -532,6 +532,7 @@ int dict_addattr(const char *name, int attr, unsigned int vendor, int type,
 {
        size_t namelen;
        static int      max_attr = 0;
+       const char      *p;
        DICT_ATTR       *da;
 
        namelen = strlen(name);
@@ -540,6 +541,23 @@ int dict_addattr(const char *name, int attr, unsigned int vendor, int type,
                return -1;
        }
 
+       for (p = name; *p != '\0'; p++) {
+               if (*p < ' ') {
+                       fr_strerror_printf("dict_addattr: attribute name cannot contain control characters");
+                       return -1;
+               }
+
+               if ((*p == '"') || (*p == '\\')) {
+                       fr_strerror_printf("dict_addattr: attribute name cannot contain quotation or backslash");
+                       return -1;
+               }
+
+               if ((*p == '<') || (*p == '>') || (*p == '&')) {
+                       fr_strerror_printf("dict_addattr: attribute name cannot contain XML control characters");
+                       return -1;
+               }
+       }
+
        /*
         *      If the attr is '-1', that means use a pre-existing
         *      one (if it already exists).  If one does NOT already exist,