From f004b630b20df7aeaf4d1ae0595d0884a40537b1 Mon Sep 17 00:00:00 2001
From: deraadt
Date: Mon, 18 Jul 2022 04:42:37 +0000
Subject: [PATCH] the domainname is under root control, but because we are producing a path inside ypconnect(), it is best if we prevent "../" problems. so reject domainnames containing '/. discussed with jca
---
 sys/kern/uipc_syscalls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index 946ba125c77..617026e0193 100644
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: uipc_syscalls.c,v 1.198 2022/07/18 03:02:05 deraadt Exp $ */
+/* $OpenBSD: uipc_syscalls.c,v 1.199 2022/07/18 04:42:37 deraadt Exp $ */
 /* $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $ */
 
 /*
@@ -1331,7 +1331,7 @@ sys_ypconnect(struct proc *p, void *v, register_t *retval)
 } __packed data;
 struct sockaddr_in ypsin;
 
- if (!domainname[0])
+ if (!domainname[0] || strchr(domainname, '/'))
 return EAFNOSUPPORT;
 
 switch (SCARG(uap, type)) {
-- 
2.20.1
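Review bot: The new `strchr(domainname, '/')` test in sys_ypconnect() carries no comment, so the reason a slash is refused (the name is later used to build a path, per the commit message) lives only in the log. A one-line comment above the check, such as `/* domainname becomes a path component below; refuse '/' so it cannot traverse directories */`, would keep the guard from being removed later as redundant with the empty-name test. The check sits where the name is consumed rather than where it is set, so any other kernel code that forms a path from domainname would need the same test; whether such code exists cannot be told from this hunk. The body of sys_ypconnect() starts and ends outside the hunk, so the path-building code itself is not visible here.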