diff --git a/.RELEASE.NOTES b/.RELEASE.NOTES index be8ea1b1b..47de1e0e0 100644 --- a/.RELEASE.NOTES +++ b/.RELEASE.NOTES @@ -79,14 +79,16 @@ If you are upgrading, please take a minute to read these release notes. ==[ REMOVED ]== - MS Visual Studio 6 support, but this did not work anymore anyway... -==[ KNOWN BUGS ]== +==[ KNOWN ISSUES ]== - Windows 2003: Crashes directly on-boot have been reported, while other W2003 servers work perfectly fine (including the one we used for testing). No pattern in this has been found yet, but the bug is somewhere in the resolver (c-ares). -- Windows: The /RESTART command will work, but the second time you do a /RESTART the - IRCd will "crash" with a dialogbox. +- Regexes: Be careful with backreferences (\1, etc), they can slow the IRCd down + considerably and even bring it to a halt. - Regexes: Possessive quantifiers such as, for example, "++" (not to be confused with "+") are not safe to use, they can freeze the IRCd. +- Windows: The /RESTART command will work, but the second time you do a /RESTART the + IRCd will "crash" with a dialogbox. ==[ ADDITIONAL INFO ]== * See Changelog for more details diff --git a/Changes b/Changes index ce0c93c27..fc3a9a43d 100644 --- a/Changes +++ b/Changes @@ -1237,3 +1237,5 @@ for example near-impossible to remove autoconnect for such a server. Reported by mixx941 (#0002836). - Fixed problem if c-ares library is already installed system-wide, reported by Trystan. +- Updated release notes a bit (will be updated more later): backrefs (\1) in regexes are + kinda scary, or at least at the moment. diff --git a/src/res.c b/src/res.c index f18bd767d..98633caab 100644 --- a/src/res.c +++ b/src/res.c @@ -251,6 +251,22 @@ char ipv6 = r->ipv6; #endif } +int verify_hostname(char *name) +{ +char *p; + + if (strlen(name) > HOSTLEN) + return 0; + + /* No underscores or other illegal characters */ + for (p = name; *p; p++) + if (!isalnum(*p) && !strchr(".-", *p)) + return 0; + + return 1; +} + + void unrealdns_cb_nametoip_verify(void *arg, int status, struct hostent *he) { DNSReq *r = (DNSReq *)arg; @@ -309,6 +325,13 @@ u_int32_t ipv4_addr; return; } + if (!verify_hostname(he->h_name)) + { + /* Hostname is bad, don't cache and consider unresolved */ + proceed_normal_client_handshake(acptr, NULL); + return; + } + /* Entry was found, verified, and can be added to cache */ unrealdns_addtocache(he->h_name, &acptr->ip, sizeof(acptr->ip));