diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2022-05-10 07:41:38 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-05-10 07:41:38 +0000 |
| commit | 047a8ee8899f3f64582a55c36c345f51fcbe2ebb (patch) | |
| tree | cc4fe22f3cd4eb04bafaf6086c52be322d278021 /usr.sbin/rpki-client/validate.c | |
| parent | 86ec6d969efe1cf0f6aabc9cc60252e935188120 (diff) | |
Validate RSC filenames
Factor out POSIX portable filename check into a new valid_filename() and
rename the previous valid_filename() to valid_mft_filename(). Fixes and
supersedes imcomplete checks in the RSC code. Avoids truncation via
strndup() in case of embedded NULs.
input/ok claudio
Diffstat (limited to 'usr.sbin/rpki-client/validate.c')
| -rw-r--r-- | usr.sbin/rpki-client/validate.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/usr.sbin/rpki-client/validate.c b/usr.sbin/rpki-client/validate.c index 4677093f1b7..ca0312692d9 100644 --- a/usr.sbin/rpki-client/validate.c +++ b/usr.sbin/rpki-client/validate.c @@ -1,4 +1,4 @@ -/* $OpenBSD: validate.c,v 1.31 2022/04/21 09:53:07 claudio Exp $ */ +/* $OpenBSD: validate.c,v 1.32 2022/05/10 07:41:37 tb Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -275,6 +275,22 @@ valid_hash(unsigned char *buf, size_t len, const char *hash, size_t hlen) } /* + * Validate that a filename only contains characters from the POSIX portable + * filename character set [A-Za-z0-9._-], see IEEE Std 1003.1-2013, 3.278. + */ +int +valid_filename(const char *fn, size_t len) +{ + const unsigned char *c; + size_t i; + + for (c = fn, i = 0; i < len; i++, c++) + if (!isalnum(*c) && *c != '-' && *c != '_' && *c != '.') + return 0; + return 1; +} + +/* * Validate a URI to make sure it is pure ASCII and does not point backwards * or doing some other silly tricks. To enforce the protocol pass either * https:// or rsync:// as proto, if NULL is passed no protocol is enforced. |