security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Releases Activity

dns: Make reading resolv.conf more robust. 

* dirmngr/dns.c (dns_resconf_loadfile): Skip "search" which
begins with '.'.

--

GnuPG-bug-id: 5657
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2021-10-15 10:49:33 +09:00
parent fb26e144ad
commit 48359c7232
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
dirmngr/dns.c
View File

@ -5657,7 +5657,12 @@ skip:
memset(resconf->search, '\0', sizeof resconf->search);
for (i = 1, j = 0; i < wc && j < lengthof(resconf->search); i++, j++)
dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i]));
if (words[i][0] == '.') {
/* Ignore invalid search spec. */
j--;
} else {
dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i]));
}
break;
case DNS_RESCONF_LOOKUP: