I am porting the old ipcop addon 'Banish' to IPFire and during testing have found a problem in general-functions.pl which causes validfqdn to return 1 when testing valid and invalid ip addresses when it should return 0.
As this is not a problem with IPCop 2 a comparison of the validfqdn section in IPFire's general-functions.pl shows a missing segment that checks the TLD can only be a-z or A-Z.
Applying the patch below to general-functions.pl corrects the problem with my Banish port and I haven't found any problems affecting IPFire's operation.
Regards
Rob
--- /tmp/general-functions.pl 2018-09-19 10:32:37.000000000 +0100 +++ /tmp/general-functions.pl.new 2018-12-12 22:13:37.394653609 +0000 @@ -666,9 +666,13 @@ }
sub validfqdn +# modified to add addition test to confirm TL is only a-z or A-Z +# as per ipcop rwb 12/12/18 + { my $part; - + my $tld; + # Checks a fully qualified domain name against RFC1035 my $fqdn = $_[0]; my @parts = split (/./, $fqdn); # Split hostname at the '.' @@ -689,7 +693,14 @@ # Last character can only be a letter or a digit if (substr ($part, -1, 1) !~ /^[a-zA-Z0-9]*$/) { return 0;} - } + # Store for additional check on TLD + $tld = $part; + } + + # TLD valid characters are a-z, A-Z + if ($tld !~ /^[a-zA-Z]*$/) { + return 0; + } return 1; }