From bda6b88888a90fc64059e09b7c10ac8e88d74d04 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=A1bor=20Egyed?= <gabor.egyed@gmail.com>
Date: Fri, 20 Aug 2021 20:50:54 +0200
Subject: [PATCH] Add hostname validation

---
 docker.go      | 32 +++++++++++++++++++++++++++-----
 docker_test.go |  2 +-
 2 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/docker.go b/docker.go
index 1926578..4696e99 100644
--- a/docker.go
+++ b/docker.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"regexp"
 	"strings"
 
 	"docker.io/go-docker/api/types"
@@ -87,30 +88,51 @@ func getIPsToNames(client dockerClienter, id string) (ipsToNamesMap, error) {
 			return names
 		}
 
+		validateHostname := func(hosts ...string) []string {
+			var validHosts []string
+
+			for _, host := range hosts {
+				matches, err := regexp.MatchString("^[a-zA-Z][a-zA-Z0-9.-]*[a-zA-Z0-9]$", host)
+	
+				if err != nil {
+					log.Fatal(err)
+				}
+	
+				if matches {
+					validHosts = append(validHosts, host)
+				} else {
+					log.Warnf("Skipping '%s' doas not seem a valid hostname.", host)
+				}
+			}
+	
+			return validHosts
+		}
+	
 		names = appendNames(names, strings.Trim(containerFull.Name, "/"))
 		for _, name := range netInfo.Aliases {
 			names = appendNames(names, name)
 		}
 
 		if label, ok := containerFull.Config.Labels[dockerLabel]; ok {
+			label = strings.TrimSpace(label)
 			if (strings.HasPrefix(label, "[")) {
-				var parsed []string; 
+				var parsed []string
 				err := json.Unmarshal([]byte(label), &parsed)
 				if err != nil {
 					log.Errorf("error parsing JSON: %s", err)
 				}
-				names = append(names, parsed...)
-			} else if (strings.HasPrefix(label, "\"")) {
+				names = append(names, validateHostname(parsed...)...)
+			} else if (strings.HasPrefix(label, `"`)) {
 				var parsed string; 
 				err := json.Unmarshal([]byte(label), &parsed)
 				if err != nil {
 					log.Errorf("error parsing JSON: %s", err)
 				}
-				names = append(names, parsed)
+				names = append(names, validateHostname(parsed)...)
 			} else if (strings.HasPrefix(label, "{")) {
 				log.Errorf("JSON objects are not supported: %s", label)
 			} else {
-				names = append(names, label)
+				names = append(names, validateHostname(label)...)
 			}
 		}
 
diff --git a/docker_test.go b/docker_test.go
index 3a3b11a..52fc881 100644
--- a/docker_test.go
+++ b/docker_test.go
@@ -128,7 +128,7 @@ func (testClient) ContainerInspect(_ context.Context, ID string) (types.Containe
 		return types.ContainerJSON{
 			ContainerJSONBase: &types.ContainerJSONBase{Name: "service5"},
 			Config:            &container.Config{Labels: map[string]string{
-				dockerLabel: `["a.example.com", "b.example.com"]`,
+				dockerLabel: `["a.example.com", "b.example.com", "invalid."]`,
 			}},
 			NetworkSettings: &types.NetworkSettings{
 				Networks: map[string]*network.EndpointSettings{