From 955f2d788edae3c65506ffa12de18e023fd95ae4 Mon Sep 17 00:00:00 2001 From: Scott Ullrich Date: Thu, 7 Apr 2011 16:11:45 -0400 Subject: Use some Seth egrep foo to protect from compromised DHCP servers. CVE-2011-0997 --- sbin/dhclient-script | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'sbin/dhclient-script') diff --git a/sbin/dhclient-script b/sbin/dhclient-script index e51132e..0f409a3 100755 --- a/sbin/dhclient-script +++ b/sbin/dhclient-script @@ -232,13 +232,14 @@ add_new_resolv_conf() { if [ -n "$new_domain_name_servers" ]; then /bin/rm -f /var/etc/nameserver_$interface for nameserver in $new_domain_name_servers; do + nameserver_sanitized=`echo '$nameserver' | egrep -o '([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+|[0-9a-f]+:)'` # Add a route to the nameserver out the correct interface # so that mulitple wans work correctly with multiple dns # also backup the nameserver for later route removal - echo $nameserver >>/var/etc/nameserver_$interface - $ROUTE add $nameserver -iface $interface + echo '$nameserver_sanitized' >>/var/etc/nameserver_$interface + $ROUTE add $nameserver_sanitized -iface $interface done - echo $new_domain_name >/var/etc/searchdomain_$interface + echo $new_domain_name | egrep -o "[0-9\.]+" >/var/etc/searchdomain_$interface fi return 0 -- cgit v1.1
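Review bot: The added `nameserver_sanitized` assignment pipes the literal text `$nameserver` into egrep, because single quotes stop the shell from expanding the variable, so the result is always empty; the later `echo '$nameserver_sanitized'` then writes that literal string to the nameserver file and `$ROUTE add` runs without an address. The search-domain filter `[0-9\.]+` keeps only digits and dots, so a name such as example.com is reduced to a lone dot. `egrep -o` also extracts matching fragments, one per output line, instead of rejecting a bad value, and the IPv6 alternative `[0-9a-f]+:` stops after the first group. I would check each whole value against a character allowlist, skip or blank it when the check fails, and double-quote every expansion, as in the block below; add_new_resolv_conf begins and ends outside this hunk.

```shell
for nameserver in $new_domain_name_servers; do
	# Skip any value containing a character that cannot occur in an IPv4/IPv6 literal
	case "$nameserver" in
		*[!0-9A-Fa-f.:]*) continue ;;
	esac
	# … unchanged: comment block about per-interface routes …
	printf '%s\n' "$nameserver" >>"/var/etc/nameserver_$interface"
	$ROUTE add "$nameserver" -iface "$interface"
done
# Store the search domain only when it consists of hostname characters
case "$new_domain_name" in
	""|*[!A-Za-z0-9.-]*) : >"/var/etc/searchdomain_$interface" ;;
	*) printf '%s\n' "$new_domain_name" >"/var/etc/searchdomain_$interface" ;;
esac
```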