Bug #16725
mDNS-Bridge: Improper input validation in filter field
Description
There seems to be overly aggressive input validation on the inbound/outbound allow/deny filter fields.
Service names can have special characters and spaces ('2AB601BC6BD9@Localhost'._raop._tcp.local. or 'Bedroom TV'._airplay._tcp.local.) as per [RFC6763](https://datatracker.ietf.org/doc/html/rfc6763#section-4.1.1).
Due to the filter matching design in mdns-bridge, labels must match exactly and do not support substring matching.
Entering one of these service names in the webgui gives an "Invalid domain" error and yet they are valid.
Manually modifying the configuration file works and directly validates that the issue is with the webgui for the package.
Updated by Kris Phillips 10 days ago
- Status changed from New to Confirmed
I can confirm this behavior. Tested on latest package version on 26.03 of Plus.
Marking Confirmed.
Updated by Denny Page 10 days ago
Acknowledged. I’m traveling internationally and will look at this as soon as I can.
Updated by Steve Wheeler 10 days ago
- Subject changed from Improper input validation in filter field to mDNS-Bridge: Improper input validation in filter field
Updated by Denny Page 9 days ago
Please test with the following diff:
--- usr/local/www/mdns-bridge.php.org 2026-04-01 08:04:02.000000000 -0700
+++ usr/local/www/mdns-bridge.php 2026-04-05 16:01:33.480445000 -0700
@@ -86,7 +86,7 @@
$filter_list = array();
foreach (array_filter(explode(',', $pconfig['global_filter_list'])) as $filter) {
$filter = trim($filter);
- if (!is_domain($filter, false, false)) {
+ if (str_contains($filter, '..')) {
$input_errors[] = sprintf(gettext('Invalid domain in Global Filter List: "%1$s"'), $filter);
}
$filter_list[] = $filter;
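Review bot: The new condition `str_contains($filter, '..')` only rejects an empty interior label, so every other value passes and is appended to `$filter_list` unchanged. That includes a leading dot, embedded control characters such as a newline, and labels longer than the DNS limit of 63 bytes (255 bytes for the whole name). Dropping `is_domain()` is the right call for RFC 6763 instance names containing spaces or '@', but I would keep a minimal structural check next to the '..' test: reject control characters, for example with `preg_match('/[\x00-\x1f\x7f]/', $filter)`, and enforce the label and name length bounds.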
@@ -106,7 +106,7 @@
$filter_list = array();
foreach (array_filter(explode(',', $pconfig['inbound_filter_list_' . $interface])) as $filter) {
$filter = trim($filter);
- if (!is_domain($filter, false, false)) {
+ if (str_contains($filter, '..')) {
$input_errors[] = sprintf(gettext('Invalid domain in %1$s Inbound Filter List: "%2$s"'),
convert_friendly_interface_to_friendly_descr($interface), $filter);
}
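Review bot: The same one-line test `str_contains($filter, '..')` is now repeated in the global, inbound and outbound loops, so any later tightening of the rule has to be made in three places and can drift. Suggest moving the check into a single helper (a hypothetical name would be `mdns_bridge_filter_is_valid($filter)`) and calling it from all three loops, leaving only the per-list error message at each call site.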
@@ -125,7 +125,7 @@
$filter_list = array();
foreach (array_filter(explode(',', $pconfig['outbound_filter_list_' . $interface])) as $filter) {
$filter = trim($filter);
- if (!is_domain($filter, false, false)) {
+ if (str_contains($filter, '..')) {
$input_errors[] = sprintf(gettext('Invalid domain in %1$s Outbound Filter List: "%2$s"'),
convert_friendly_interface_to_friendly_descr($interface), $filter);
}
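Review bot: The error text 'Invalid domain in %1$s Outbound Filter List' no longer matches what is tested, since after this change it fires only when the entry contains '..'. Suggest wording that names the actual problem, such as an empty label in the filter name, here and in the other two messages. Separately, because the list is split with `explode(',', ...)`, an instance name that itself contains a comma (permitted by RFC 6763) cannot be entered as one filter; that limit should at least be stated in the field's help text.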