From 8e2fd49bcd30e46894510c6acd14b3a63fb71782 Mon Sep 17 00:00:00 2001 From: deepin-ci-robot Date: Thu, 4 Jun 2026 12:36:13 +0000 Subject: [PATCH] Backport upstream commit 95c7dc33087ae99db8ab8b6614550541a8e7187f. hostname-util: don'"'"'t allow machine tags to begin/end with '-' or '.' Don'"'"'t allow "-" and "." as first or last char. (This is load-bearing, we want that "+"/"-" can be used as prefix for adding/removing tags from the list). Changes: - Add debian/patches/fix-hostname-machine-tag-chars.patch - Modify debian/patches/series - Modify debian/changelog Upstream: https://github.com/systemd/systemd/commit/95c7dc33087ae99db8ab8b6614550541a8e7187f Generated-By: glm-5-turbo Co-Authored-By: deepin-ci-robot --- debian/changelog | 7 ++ .../fix-hostname-machine-tag-chars.patch | 79 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 87 insertions(+) create mode 100644 debian/patches/fix-hostname-machine-tag-chars.patch diff --git a/debian/changelog b/debian/changelog index 5c960842..9a817657 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +systemd (255.2-4deepin31) unstable; urgency=medium + + * Backport upstream commit 95c7dc33087ae99db8ab8b6614550541a8e7187f: + hostname-util: don't allow machine tags to begin/end with '-' or '.' + + -- deepin-ci-robot Thu, 04 Jun 2026 12:35:58 +0000 + systemd (255.2-4deepin30) unstable; urgency=medium * Fix tmpfiles x11 socket age-based cleanup causing unexpected removal diff --git a/debian/patches/fix-hostname-machine-tag-chars.patch b/debian/patches/fix-hostname-machine-tag-chars.patch new file mode 100644 index 00000000..d9c01df3 --- /dev/null +++ b/debian/patches/fix-hostname-machine-tag-chars.patch @@ -0,0 +1,79 @@ +diff --git a/src/basic/hostname-util.c b/src/basic/hostname-util.c +index e743033..836c02c 100644 +--- a/src/basic/hostname-util.c ++++ b/src/basic/hostname-util.c +@@ -173,6 +173,26 @@ char* hostname_cleanup(char *s) { + return s; + } + ++ ++bool machine_tag_is_valid(const char *s) { ++ size_t n; ++ ++ if (!s) ++ return false; ++ ++ n = strlen(s); ++ if (n <= 0 || n >= 256) ++ return false; ++ ++ /* Don't allow "-" and "." as first or last char. (This is load-bearing, we want that "+"/"-" ++ * can be used as prefix for adding/removing tags from the list). */ ++ if (strchr("-.", s[0]) || ++ strchr("-.", s[n-1])) ++ return false; ++ ++ return in_charset(s, ALPHANUMERICAL "-."); ++} ++ + bool is_localhost(const char *hostname) { + assert(hostname); + +diff --git a/src/basic/hostname-util.h b/src/basic/hostname-util.h +index bcac3d9..8c75ee8 100644 +--- a/src/basic/hostname-util.h ++++ b/src/basic/hostname-util.h +@@ -47,6 +47,7 @@ typedef enum ValidHostnameFlags { + + bool hostname_is_valid(const char *s, ValidHostnameFlags flags) _pure_; + char* hostname_cleanup(char *s); ++bool machine_tag_is_valid(const char *s) _pure_; + + bool is_localhost(const char *hostname); + +diff --git a/src/test/test-hostname-util.c b/src/test/test-hostname-util.c +index 77e9a19..369f54e 100644 +--- a/src/test/test-hostname-util.c ++++ b/src/test/test-hostname-util.c +@@ -101,6 +101,31 @@ TEST(hostname_malloc) { + log_info("hostname_short_malloc: \"%s\"", l); + } + ++TEST(machine_tag_is_valid) { ++ assert_se(machine_tag_is_valid("foo")); ++ assert_se(machine_tag_is_valid("foo-bar")); ++ assert_se(machine_tag_is_valid("foo.bar")); ++ assert_se(machine_tag_is_valid("foo.bar.baz")); ++ assert_se(machine_tag_is_valid("foo0")); ++ assert_se(machine_tag_is_valid("0")); ++ assert_se(machine_tag_is_valid("a")); ++ ++ assert_se(!machine_tag_is_valid(NULL)); ++ assert_se(!machine_tag_is_valid("")); ++ assert_se(!machine_tag_is_valid("fööbar")); /* non-ASCII */ ++ assert_se(!machine_tag_is_valid("foo/bar")); ++ assert_se(!machine_tag_is_valid("foo_bar")); ++ assert_se(!machine_tag_is_valid("-foo")); ++ assert_se(!machine_tag_is_valid("foo-")); ++ assert_se(!machine_tag_is_valid(".foo")); ++ assert_se(!machine_tag_is_valid("foo.")); ++ ++ /* Length boundary: 255 characters is fine, 256 is too long */ ++ _cleanup_free_ char *max = strrep("a", 255), *over = strrep("a", 256); ++ assert_se(machine_tag_is_valid(max)); ++ assert_se(!machine_tag_is_valid(over)); ++} ++ + TEST(default_hostname) { + if (!hostname_is_valid(FALLBACK_HOSTNAME, 0)) { + log_error("Configured fallback hostname \"%s\" is not valid.", FALLBACK_HOSTNAME); diff --git a/debian/patches/series b/debian/patches/series index 4b002b6d..8e510963 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -42,3 +42,4 @@ hwdb-reject-oob-fnmatch.patch exec-invoke-chdir-after-chroot.patch uniontech-skip-clock-restore-for-timesyncd.patch fix-tmpfiles-x11-cleanup.patch +fix-hostname-machine-tag-chars.patch