Validate server hostnames to prevent path traversal (#17)

If Mozilla servers were compromised, hostnames could be used for path traversal attacks. The impact would be very low as it would only be possible to write wireguard configs. Fix #14
NilsIrl · Aug 19, 2020 · 10ed69a · 10ed69a
1 parent faad50d
commit 10ed69a
Showing 1 changed file with 23 additions and 2 deletions.
diff --git a/src/main.rs b/src/main.rs
@@ -108,6 +108,14 @@ struct Server {
     port_ranges: Vec<(u16, u16)>,
 }
 
+impl Server {
+    fn validate_hostname(&self) -> bool {
+        self.hostname
+            .chars()
+            .all(|c| c.is_ascii_alphanumeric() || c == '-')
+    }
+}
+
 // latitude and longitude omitted
 #[derive(serde::Deserialize)]
 struct City {
@@ -132,13 +140,26 @@ struct ServerList {
 
 impl ServerList {
     fn new(client: reqwest::blocking::Client, token: &str) -> Self {
-        client
+        let server_list = client
             .get(&format!("{}/vpn/servers", BASE_URL))
             .bearer_auth(token)
             .send()
             .unwrap()
             .json::<ServerList>()
-            .unwrap()
+            .unwrap();
+        if let Some(server) = server_list
+            .countries
+            .iter()
+            .flat_map(|country| country.cities.iter().flat_map(|city| city.servers.iter()))
+            .find(|server| !server.validate_hostname())
+        {
+            eprintln!(
+                "A server contains invalid characters in its hostname: {}",
+                server.hostname
+            );
+            std::process::exit(3);
+        }
+        server_list
     }
 }