From: Alan T. DeKok
Date: Mon, 24 Oct 2011 09:52:36 +0000 (+0200)
Subject: Restrict dictionary names to ones that make sense
X-Git-Tag: release_2_2_0~280
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=23da4e97e75ce99d7b3bff5bac14d541e97a6f56;p=thirdparty%2Ffreeradius-server.git

Restrict dictionary names to ones that make sense

No control characters, etc. The old code allowed ANYTHING as dictionary names, which is bad.
---
diff --git a/src/lib/dict.c b/src/lib/dict.c
index bdf80652d5f..72ac60e81f2 100644
--- a/src/lib/dict.c
+++ b/src/lib/dict.c
@@ -488,6 +488,7 @@ int dict_addattr(const char *name, int vendor, int type, int value,
 {
 size_t namelen;
 static int max_attr = 0;
+ const char *p;
 DICT_ATTR *attr;
 namelen = strlen(name);
@@ -496,6 +497,23 @@ int dict_addattr(const char *name, int vendor, int type, int value,
 return -1;
 }
+ for (p = name; *p != '\0'; p++) {
+ if (*p < ' ') {
+ fr_strerror_printf("dict_addattr: attribute name cannot contain control characters");
+ return -1;
+ }
+
+ if ((*p == '"') || (*p == '\\')) {
+ fr_strerror_printf("dict_addattr: attribute name cannot contain quotation or backslash");
+ return -1;
+ }
+
+ if ((*p == '<') || (*p == '>') || (*p == '&')) {
+ fr_strerror_printf("dict_addattr: attribute name cannot contain XML control characters");
+ return -1;
+ }
+ }
+
 /*
 * If the value is '-1', that means use a pre-existing
 * one (if it already exists). If one does NOT already exist,
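Review bot: The control-character test `*p < ' '` in the new loop of the second hunk reads `name` through a plain `const char *`, so its verdict on bytes 0x80-0xFF depends on whether `char` is signed on the build target. Where it is signed those bytes are rejected under the "control characters" message, where it is unsigned they are accepted, and DEL (0x7f) passes either way. The commit aims to keep names safe to emit in quoted and XML contexts, so the accepted set should not vary by platform. If non-ASCII names are not meant to be allowed, compare as unsigned and say so explicitly: `if (((unsigned char) *p < ' ') || ((unsigned char) *p >= 0x7f)) {`. An allowlist of the characters dictionary names legitimately use would be stricter than the three deny checks. dict_addattr starts before and continues after this hunk, so it cannot be seen from here whether other name-taking entry points get the same validation.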