summaryrefslogtreecommitdiff
path: root/usr.bin/signify/signify.c
diff options
context:
space:
mode:
authorTed Unangst <tedu@cvs.openbsd.org>2014-03-16 22:01:36 +0000
committerTed Unangst <tedu@cvs.openbsd.org>2014-03-16 22:01:36 +0000
commit8d9f27e5030cf6130f84c689e1800a29826944c0 (patch)
tree226dafb7138da37723841873200a98dc151c8ba6 /usr.bin/signify/signify.c
parent439b434515bb1ae53c2178adeb46d3d817ee3e6e (diff)
we want strncmp here to be safer. spotted by halex.
Diffstat (limited to 'usr.bin/signify/signify.c')
-rw-r--r--usr.bin/signify/signify.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.bin/signify/signify.c b/usr.bin/signify/signify.c
index a6b1addbe35..0a40c46ec28 100644
--- a/usr.bin/signify/signify.c
+++ b/usr.bin/signify/signify.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: signify.c,v 1.55 2014/03/16 20:17:10 tedu Exp $ */
+/* $OpenBSD: signify.c,v 1.56 2014/03/16 22:01:35 tedu Exp $ */
/*
* Copyright (c) 2013 Ted Unangst <tedu@openbsd.org>
*
@@ -466,7 +466,7 @@ verify(const char *pubkeyfile, const char *msgfile, const char *sigfile,
if (!pubkeyfile) {
if ((pubkeyfile = strstr(comment, VERIFYWITH))) {
pubkeyfile += strlen(VERIFYWITH);
- if (strstr(pubkeyfile, "/etc/signify/") == NULL ||
+ if (strncmp(pubkeyfile, "/etc/signify/", 13) != 0 ||
strstr(pubkeyfile, "/../") != NULL)
errx(1, "untrusted path %s", pubkeyfile);
} else
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-30 01:25:08 +0000