artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f61291a) | patch
Be more paranoid with host/domain names coming from the resolver:
authordjm <djm@openbsd.org>
Mon, 24 Oct 2022 22:43:36 +0000 (22:43 +0000)
committerdjm <djm@openbsd.org>
Mon, 24 Oct 2022 22:43:36 +0000 (22:43 +0000)
commit64416e996841f6651db1721672edf837c235712c
treea88edbaa845daeab98a9890c68f82c010a070cfetree | snapshot
parentf61291ae0e05a14a2b177c2ecb6b00f9ef36d523commit | diff
Be more paranoid with host/domain names coming from the resolver:
don't follow CNAMEs with invalid characters when canonicalising
and never write a name with bad characters to a known_hosts file.

reported by David Leadbeater, ok deraadt@
usr.bin/ssh/ssh.c diff | blob | history
usr.bin/ssh/sshconnect.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim