diff options
author | Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> | 2014-01-29 14:28:04 +0200 |
---|---|---|
committer | Patrik Flykt <patrik.flykt@linux.intel.com> | 2014-02-05 13:52:33 +0200 |
commit | d9ea7b8a23d790dc517a9eec3c7478bf42bd0917 (patch) | |
tree | a4c653cdd12d968a36e73319c3993ef183a3a0e9 | |
parent | 11f34069fd02a73fa0c91c8838e0cf07ca70fa3d (diff) | |
download | pacrunner-d9ea7b8a23d790dc517a9eec3c7478bf42bd0917.tar.gz |
plugins: Do not try to resolve a wrongly formated hostname
This will prevent to uselessly resolve a node which is not a valid
hostname: when the node is an IPv6 address for instance. In order not to
eat too much time when resolving a node.
Note:
Current PAC API is IPv4 only. For both IPv4/IPv6 support, a new API has
been proposed by Microsoft (look for FindProxyforURLEx). Though one
might argue it could have been better to fix legacy function rather than
inventing new ones, this patch should not affect any later
implementation of such API, like dnsResolveEx()/isInNetEx() etc...
Reported by David Woodhouse <dwmw2@infradead.org>
-rw-r--r-- | plugins/mozjs.c | 11 | ||||
-rw-r--r-- | plugins/v8.cc | 14 |
2 files changed, 24 insertions, 1 deletions
diff --git a/plugins/mozjs.c b/plugins/mozjs.c index 9d1ad6f..af91fea 100644 --- a/plugins/mozjs.c +++ b/plugins/mozjs.c @@ -122,9 +122,20 @@ static JSBool dnsresolve(JSContext *ctx, uintN argc, jsval *vp) char address[NI_MAXHOST]; jsval *argv = JS_ARGV(ctx, vp); char *host = JS_EncodeString(ctx, JS_ValueToString(ctx, argv[0])); + char **split_res; DBG("host %s", host); + /* Q&D test on host to know if it is a proper hostname */ + split_res = g_strsplit_set(host, ":%?!,;@\\'*|<>{}[]()+=$&~# \"", -1); + if (split_res) { + int length = g_strv_length(split_res); + g_strfreev(split_res); + + if (length > 1) + goto out; + } + JS_SET_RVAL(ctx, vp, JSVAL_NULL); if (resolve(host, address, sizeof(address)) < 0) diff --git a/plugins/v8.cc b/plugins/v8.cc index cc38189..6cb28ca 100644 --- a/plugins/v8.cc +++ b/plugins/v8.cc @@ -123,13 +123,25 @@ static v8::Handle<v8::Value> dnsresolve(const v8::Arguments& args) { char address[NI_MAXHOST]; v8::String::Utf8Value host(args[0]); + char **split_res; if (args.Length() != 1) return v8::ThrowException(v8::String::New("Bad parameters")); - DBG("host %s", *host); + /* Q&D test on host to know if it is a proper hostname */ + split_res = g_strsplit_set(*host, ":%?!,;@\\'*|<>{}[]()+=$&~# \"", -1); + if (split_res) { + int length = g_strv_length(split_res); + g_strfreev(split_res); + + if (length > 1) { + v8::ThrowException( + v8::String::New("Failed to resolve")); + } + } + if (resolve(*host, address, sizeof(address)) < 0) return v8::ThrowException(v8::String::New("Failed to resolve")); |