1 From d486bca7e7912c6a4b547a3c607db0d0d3124bbf Mon Sep 17 00:00:00 2001
2 From: Michal Sekletar <msekleta@redhat.com>
3 Date: Mon, 23 Oct 2023 13:38:35 +0200
4 Subject: [PATCH] core: extract host name using avahi_unescape_label()
6 Previously we could create invalid escape sequence when we split the
7 string on dot. For example, from valid host name "foo\\.bar" we have
8 created invalid name "foo\\" and tried to set that as the host name
9 which crashed the daemon.
15 avahi-core/server.c | 27 +++++++++++++++++++++------
16 1 file changed, 21 insertions(+), 6 deletions(-)
18 --- a/avahi-core/server.c
19 +++ b/avahi-core/server.c
20 @@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s)
23 int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
25 + char label_escaped[AVAHI_LABEL_MAX*4+1];
26 + char label[AVAHI_LABEL_MAX];
27 + char *hn = NULL, *h;
32 AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME);
33 @@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServ
35 hn = avahi_normalize_name_strdup(host_name);
37 - hn[strcspn(hn, ".")] = 0;
39 + if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
41 + return AVAHI_ERR_INVALID_HOST_NAME;
46 - if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) {
49 + len = sizeof(label_escaped);
50 + if (!avahi_escape_label(label, strlen(label), &h, &len))
51 + return AVAHI_ERR_INVALID_HOST_NAME;
53 + if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
54 return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
59 avahi_free(s->host_name);
61 + s->host_name = avahi_strdup(label_escaped);
63 + return AVAHI_ERR_NO_MEMORY;