From 4ee290c662bd8a2a64bf578d7b1cb67866f5aead Mon Sep 17 00:00:00 2001
From: Jan Vaclav <jvaclav@redhat.com>
Date: Tue, 9 Jun 2026 11:28:15 +0200
Subject: [PATCH] dhcp/dhclient: validate hostname before pasting it into
 dhclient config

---
 src/core/dhcp/nm-dhcp-dhclient-utils.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/src/core/dhcp/nm-dhcp-dhclient-utils.c b/src/core/dhcp/nm-dhcp-dhclient-utils.c
index 286f7aa19f..6d2d59db15 100644
--- a/src/core/dhcp/nm-dhcp-dhclient-utils.c
+++ b/src/core/dhcp/nm-dhcp-dhclient-utils.c
@@ -39,6 +39,21 @@
 #define MUDURLv6_DEF "option dhcp6.mudurl code 112 = text;\n"
 #define MUDURLv6_FMT "send dhcp6.mudurl \"%s\";\n"
 
+static gboolean
+_dhclient_hostname_is_valid(const char *s)
+{
+    for (const char *p = s; *p; p++) {
+        if (*p == '"' || *p == '\\' || *p < 0x20) {
+            nm_log_warn(
+                LOGD_DHCP,
+                "hostname '%s' contains unsafe characters for dhclient config, will be ignored",
+                s);
+            return FALSE;
+        }
+    }
+    return TRUE;
+}
+
 static void
 add_request(GPtrArray *array, const char *item)
 {
@@ -140,7 +155,7 @@ add_ip4_config(GString            *str,
         g_string_append(str, "; # added by NetworkManager\n");
     }
 
-    if (hostname) {
+    if (hostname && _dhclient_hostname_is_valid(hostname)) {
         if (use_fqdn) {
             g_string_append_printf(str, FQDN_FORMAT "\n", hostname);
 
@@ -179,7 +194,7 @@ add_ip4_config(GString            *str,
 static void
 add_hostname6(GString *str, const char *hostname, NMDhcpHostnameFlags hostname_flags)
 {
-    if (hostname) {
+    if (hostname && _dhclient_hostname_is_valid(hostname)) {
         g_string_append_printf(str, FQDN_FORMAT "\n", hostname);
         if (hostname_flags & NM_DHCP_HOSTNAME_FLAG_FQDN_SERV_UPDATE)
             g_string_append(str, FQDN_TAG_PREFIX "server-update on;\n");