security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

dns: Make reading resolv.conf more robust. 

* dirmngr/dns.c (dns_resconf_loadfile): Skip "search" which
begins with '.'.

--

GnuPG-bug-id: 5657
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2021-10-15 10:49:33 +09:00 committed by Werner Koch
parent 918e921800
commit 152f028155
No known key found for this signature in database
GPG Key ID: E3FDFF218E45B72B
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
dirmngr/dns.c
View File

@ -5659,7 +5659,12 @@ skip:
memset(resconf->search, '\0', sizeof resconf->search);
for (i = 1, j = 0; i < wc && j < lengthof(resconf->search); i++, j++)
dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i]));
if (words[i][0] == '.') {
/* Ignore invalid search spec. */
j--;
} else {
dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i]));
}
break;
case DNS_RESCONF_LOOKUP: