summaryrefslogtreecommitdiffstats
path: root/ssh.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2022-10-25 00:43:36 +0200
committerDamien Miller <djm@mindrot.org>2022-10-25 01:16:35 +0200
commit445363433ba20b8a3e655b113858c836da46a1cb (patch)
tree69b808a90d727bc1e2ea69259294dc8e3bf25d6a /ssh.c
parentupstream: regress test for unmatched glob characters; fails before (diff)
downloadopenssh-445363433ba20b8a3e655b113858c836da46a1cb.tar.xz
openssh-445363433ba20b8a3e655b113858c836da46a1cb.zip
upstream: Be more paranoid with host/domain names coming from the
never write a name with bad characters to a known_hosts file. reported by David Leadbeater, ok deraadt@ OpenBSD-Commit-ID: ba9b25fa8b5490b49398471e0c9657b0cbc7a5ad
Diffstat (limited to 'ssh.c')
-rw-r--r--ssh.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/ssh.c b/ssh.c
index 21cbd7c3e..98c68eed5 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.578 2022/10/13 09:09:28 jsg Exp $ */
+/* $OpenBSD: ssh.c,v 1.579 2022/10/24 22:43:36 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -251,6 +251,7 @@ static struct addrinfo *
resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
{
char strport[NI_MAXSERV];
+ const char *errstr = NULL;
struct addrinfo hints, *res;
int gaierr;
LogLevel loglevel = SYSLOG_LEVEL_DEBUG1;
@@ -276,7 +277,10 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
return NULL;
}
if (cname != NULL && res->ai_canonname != NULL) {
- if (strlcpy(cname, res->ai_canonname, clen) >= clen) {
+ if (!valid_domain(res->ai_canonname, 0, &errstr)) {
+ error("ignoring bad CNAME \"%s\" for host \"%s\": %s",
+ res->ai_canonname, name, errstr);
+ } else if (strlcpy(cname, res->ai_canonname, clen) >= clen) {
error_f("host \"%s\" cname \"%s\" too long (max %lu)",
name, res->ai_canonname, (u_long)clen);
if (clen > 0)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-18 08:39:24 +0100