From: deraadt Date: Mon, 18 Jul 2022 04:42:37 +0000 (+0000) Subject: the domainname is under root control, but because we are producing a path X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=f004b630b20df7aeaf4d1ae0595d0884a40537b1;p=openbsd the domainname is under root control, but because we are producing a path inside ypconnect(), it is best if we prevent "../" problems. so reject domainnames containing '/. discussed with jca --- diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c index 946ba125c77..617026e0193 100644 --- a/sys/kern/uipc_syscalls.c +++ b/sys/kern/uipc_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uipc_syscalls.c,v 1.198 2022/07/18 03:02:05 deraadt Exp $ */ +/* $OpenBSD: uipc_syscalls.c,v 1.199 2022/07/18 04:42:37 deraadt Exp $ */ /* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */ /* @@ -1331,7 +1331,7 @@ sys_ypconnect(struct proc *p, void *v, register_t *retval) } __packed data; struct sockaddr_in ypsin; - if (!domainname[0]) + if (!domainname[0] || strchr(domainname, '/')) return EAFNOSUPPORT; switch (SCARG(uap, type)) {