From 977f1498201973eb1420aa309cbee71c4aa9bf56 Mon Sep 17 00:00:00 2001
From: Pavel Valena
Date: Tue, 12 May 2026 03:25:20 +0200
Subject: [PATCH] fix(network): warn on suspicious shell metacharacters in hostname file
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

setup_net() sources /tmp/net.$netif.hostname as shell, which is written by dhclient-script.sh or ifup.sh. Add a defensive check that warns if the file contains shell metacharacters ($, `, ;, &, |, () that should never appear in a legitimate hostname, indicating possible DHCP-based command injection attempts. The file is still sourced for compatibility — the writer-side fix (printf '%q') already prevents execution of injected content.

Co-Authored-By: Claude Opus 4.6
Related: RHEL-170857
---
 modules.d/40network/net-lib.sh | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/modules.d/40network/net-lib.sh b/modules.d/40network/net-lib.sh
index a294a390..7734c1f4 100755
--- a/modules.d/40network/net-lib.sh
+++ b/modules.d/40network/net-lib.sh
@@ -127,8 +127,13 @@ setup_net() {
 [ -e "/tmp/net.ifaces" ] && read -r IFACES < /tmp/net.ifaces
 [ -z "$IFACES" ] && IFACES="$netif"
 # run the scripts written by ifup
- # shellcheck disable=SC1090
- [ -e /tmp/net."$netif".hostname ] && . /tmp/net."$netif".hostname
+ if [ -e /tmp/net."$netif".hostname ]; then
+ if grep -qE '[$`;&|(]' /tmp/net."$netif".hostname 2>/dev/null; then
+ warn "setup_net $netif: /tmp/net.$netif.hostname contains suspicious shell metacharacters"
+ fi
+ # shellcheck disable=SC1090
+ . /tmp/net."$netif".hostname
+ fi
 # shellcheck disable=SC1090
 [ -e /tmp/net."$netif".override ] && . /tmp/net."$netif".override
 # shellcheck disable=SC1090
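Review bot: The added `grep -qE '[$`;&|(]'` check is a denylist, and a sourced file can still execute content it does not flag: a second line runs as its own command with none of those characters, and `>`/`<` redirection, `{ }` grouping and `*` globbing are not in the class either, so the warning stays silent for some malformed files. If `/tmp/net.$netif.hostname` is only ever a single `hostname=...` assignment (confirm against the writers in dhclient-script.sh and ifup.sh), an allowlist is tighter and self-describing: `if grep -qvE '^(hostname=[[:alnum:].-]*)?$' /tmp/net."$netif".hostname; then`. The `2>/dev/null` on grep also hides a read error on a file that was just tested with `-e`, which would itself be worth warning about. The `.override` file sourced on the following context lines gets no equivalent check; whether it shares the DHCP-derived write path is not visible in this hunk, and setup_net itself starts before and continues beyond it.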