From 2d38046a5acfe26d22e951a75af0669dfbdd5deb Mon Sep 17 00:00:00 2001
From: Harshavardhana <harsha@minio.io>
Date: Fri, 15 Jul 2016 17:30:37 -0700
Subject: [PATCH] utils: BucketNames with double periods and ip address should
 be rejected. (#2213)

Fixes #2212
---
 object-utils.go      | 5 ++++-
 object-utils_test.go | 2 ++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/object-utils.go b/object-utils.go
index a3b5349fe..7327b4914 100644
--- a/object-utils.go
+++ b/object-utils.go
@@ -39,6 +39,7 @@ const (
 
 // validBucket regexp.
 var validBucket = regexp.MustCompile(`^[a-z0-9][a-z0-9\.\-]{1,61}[a-z0-9]$`)
+var isIPAddress = regexp.MustCompile(`^(\d+\.){3}\d+$`)
 
 // IsValidBucketName verifies a bucket name in accordance with Amazon's
 // requirements. It must be 3-63 characters long, can contain dashes
@@ -51,7 +52,9 @@ func IsValidBucketName(bucket string) bool {
 	if bucket[0] == '.' || bucket[len(bucket)-1] == '.' {
 		return false
 	}
-	return validBucket.MatchString(bucket)
+	return (validBucket.MatchString(bucket) &&
+		!isIPAddress.MatchString(bucket) &&
+		!strings.Contains(bucket, ".."))
 }
 
 // IsValidObjectName verifies an object name in accordance with Amazon's
diff --git a/object-utils_test.go b/object-utils_test.go
index 299185d0c..799e24985 100644
--- a/object-utils_test.go
+++ b/object-utils_test.go
@@ -42,6 +42,8 @@ func TestIsValidBucketName(t *testing.T) {
 		// cases for which test should fail.
 		// passing invalid bucket names.
 		{"------", false},
+		{"my..bucket", false},
+		{"192.168.1.1", false},
 		{"$this-is-not-valid-too", false},
 		{"contains-$-dollar", false},
 		{"contains-^-carrot", false},