hostname-util: don't allow machine tags to begin/end with '-' or '.'

diff --git a/src/basic/hostname-util.c b/src/basic/hostname-util.c
index baa735ab10c01f60d83e5106a4fa408bf7bed89b..e12ec01af21c34b239320e07945d780f8bf639f1 100644 (file)
--- a/src/basic/hostname-util.c
+++ b/src/basic/hostname-util.c
@@ -259,6 +259,12 @@ bool machine_tag_is_valid(const char *s) {
         if (n <= 0 || n >= 256)
                 return false;
 
+        /* Don't allow "-" and "." as first or last char. (This is load-bearing, we want that "+"/"-" can be
+         * used as prefix for adding/removing tags from the list). */
+        if (strchr("-.", s[0]) ||
+            strchr("-.", s[n-1]))
+                return false;
+
         return in_charset(s, ALPHANUMERICAL "-.");
 }
 

diff --git a/src/test/test-hostname-util.c b/src/test/test-hostname-util.c
index 1a3cb1dfff5523915502d319ba9873a80c5bb85e..8ec4034af7fb5422fb1058195b80bcc84cfc5ecc 100644 (file)
--- a/src/test/test-hostname-util.c
+++ b/src/test/test-hostname-util.c
@@ -132,6 +132,10 @@ TEST(machine_tag_is_valid) {
         assert_se(!machine_tag_is_valid("fööbar"));    /* non-ASCII */
         assert_se(!machine_tag_is_valid("foo/bar"));
         assert_se(!machine_tag_is_valid("foo_bar"));
+        assert_se(!machine_tag_is_valid("-foo"));
+        assert_se(!machine_tag_is_valid("foo-"));
+        assert_se(!machine_tag_is_valid(".foo"));
+        assert_se(!machine_tag_is_valid("foo."));
 
         /* Length boundary: 255 characters is fine, 256 is too long */
         _cleanup_free_ char *max = strrep("a", 255), *over = strrep("a", 256);