Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-23 18:29:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Prevent domains sent to queryAds acting as command line options

Browse Source 
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
This commit is contained in:
Mcat12
2018-11-23 14:43:08 -05:00
parent 738cf0479f
commit e7f4ef8a09
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
scripts/pi-hole/php/queryads.php
View File

@@ -23,7 +23,8 @@ function echoEvent($datatext) {
ini_set("pcre.recursion_limit", 1500);
function is_valid_domain_name($domain_name)
{
return (preg_match("/^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$/i", $domain_name) // Valid chars check
return (preg_match("/^-/", $domain_name) !== 1 // Don't allow domains to appear as command line options
&& preg_match("/^((-|_)*[a-z\d]((-|_)*[a-z\d])*(-|_)*)(\.(-|_)*([a-z\d]((-|_)*[a-z\d])*))*$/i", $domain_name) // Valid chars check
&& preg_match("/^.{1,253}$/", $domain_name) // Overall length check
&& preg_match("/^[^\.]{1,63}(\.[^\.]{1,63})*$/", $domain_name) ); // Length of each label
}