diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2022-04-29 04:55:08 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2022-04-29 04:55:08 +0000 |
commit | 6ed8231ad9b7b5ac2bab782d137d6368b65e3715 (patch) | |
tree | ec00d455d810f3751e24968e1773fec643780673 | |
parent | 49635992c61c5ab735b9e66dfb4d5aefc04dc021 (diff) |
be stricter in which characters will be accepted in specifying a mask
length; allow only 0-9. From khaleesicodes via GHPR#278; ok dtucker@
-rw-r--r-- | usr.bin/ssh/addr.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/ssh/addr.c b/usr.bin/ssh/addr.c index ac0ef96c041..8774764ce58 100644 --- a/usr.bin/ssh/addr.c +++ b/usr.bin/ssh/addr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addr.c,v 1.4 2021/10/22 10:51:57 dtucker Exp $ */ +/* $OpenBSD: addr.c,v 1.5 2022/04/29 04:55:07 djm Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org> @@ -393,7 +393,7 @@ addr_pton_cidr(const char *p, struct xaddr *n, u_int *l) *mp = '\0'; mp++; masklen = strtoul(mp, &cp, 10); - if (*mp == '\0' || *cp != '\0' || masklen > 128) + if (*mp < '0' || *mp > '9' || *cp != '\0' || masklen > 128) return -1; } |