From: Alan T. DeKok Date: Mon, 24 Oct 2011 09:52:36 +0000 (+0200) Subject: Restrict dictionary names to ones that make sense X-Git-Tag: release_3_0_0_beta0~551 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f5468745dd4646b99d8cf3f8cb1e041c6f0f4b14;p=thirdparty%2Ffreeradius-server.git Restrict dictionary names to ones that make sense No control characters, etc. The old code allowed ANYTHING as dictionary names, which is bad.
---
diff --git a/src/lib/dict.c b/src/lib/dict.c
index 8ca426c52de..2f2dc40d262 100644
--- a/src/lib/dict.c
+++ b/src/lib/dict.c
@@ -532,6 +532,7 @@ int dict_addattr(const char *name, int attr, unsigned int vendor, int type,
 {
 size_t namelen;
 static int max_attr = 0;
+ const char *p;
 DICT_ATTR *da;
 namelen = strlen(name);
@@ -540,6 +541,23 @@ int dict_addattr(const char *name, int attr, unsigned int vendor, int type,
 return -1;
 }
+ for (p = name; *p != '\0'; p++) {
+ if (*p < ' ') {
+ fr_strerror_printf("dict_addattr: attribute name cannot contain control characters");
+ return -1;
+ }
+
+ if ((*p == '"') || (*p == '\\')) {
+ fr_strerror_printf("dict_addattr: attribute name cannot contain quotation or backslash");
+ return -1;
+ }
+
+ if ((*p == '<') || (*p == '>') || (*p == '&')) {
+ fr_strerror_printf("dict_addattr: attribute name cannot contain XML control characters");
+ return -1;
+ }
+ }
+
 /*
 * If the attr is '-1', that means use a pre-existing
 * one (if it already exists). If one does NOT already exist,
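Review bot: The control-character test `if (*p < ' ')` in the added loop depends on the signedness of plain `char`, because `p` is declared `const char *`. Where `char` is signed, bytes 0x80-0xFF compare as negative and are rejected as "control characters"; where it is unsigned they pass, so the same dictionary file can load on one platform and fail on another. DEL (0x7f) is a control character too and gets through every branch. Casting makes the rule explicit and portable, e.g. `if (((unsigned char) *p < ' ') || ((unsigned char) *p >= 0x7f)) {`; given the commit's stated aim, an allow-list of permitted name characters would be tighter than enumerating bad ones. The body of dict_addattr starts before and continues past this hunk, so any later use of the name is not visible here.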