summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2022-04-29 04:55:08 +0000
committerDamien Miller <djm@cvs.openbsd.org>2022-04-29 04:55:08 +0000
commit6ed8231ad9b7b5ac2bab782d137d6368b65e3715 (patch)
treeec00d455d810f3751e24968e1773fec643780673
parent49635992c61c5ab735b9e66dfb4d5aefc04dc021 (diff)
be stricter in which characters will be accepted in specifying a mask
length; allow only 0-9. From khaleesicodes via GHPR#278; ok dtucker@
-rw-r--r--usr.bin/ssh/addr.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/ssh/addr.c b/usr.bin/ssh/addr.c
index ac0ef96c041..8774764ce58 100644
--- a/usr.bin/ssh/addr.c
+++ b/usr.bin/ssh/addr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: addr.c,v 1.4 2021/10/22 10:51:57 dtucker Exp $ */
+/* $OpenBSD: addr.c,v 1.5 2022/04/29 04:55:07 djm Exp $ */
/*
* Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -393,7 +393,7 @@ addr_pton_cidr(const char *p, struct xaddr *n, u_int *l)
*mp = '\0';
mp++;
masklen = strtoul(mp, &cp, 10);
- if (*mp == '\0' || *cp != '\0' || masklen > 128)
+ if (*mp < '0' || *mp > '9' || *cp != '\0' || masklen > 128)
return -1;
}