[openssh-commits] [openssh] 02/02: upstream: don't allow \0 characters in url-encoded strings.
git+noreply at mindrot.org
git+noreply at mindrot.org
Thu Sep 4 10:30:44 AEST 2025
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 43b3bff47bb029f2299bacb6a36057981b39fdb0
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Thu Sep 4 00:30:06 2025 +0000
upstream: don't allow \0 characters in url-encoded strings.
Suggested by David Leadbeater, ok deraadt@
OpenBSD-Commit-ID: c92196cef0f970ceabc1e8007a80b01e9b7cd49c
---
misc.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/misc.c b/misc.c
index 5c384c63d..c80f65554 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.204 2025/09/02 09:34:48 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.205 2025/09/04 00:30:06 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2005-2020 Damien Miller. All rights reserved.
@@ -994,7 +994,7 @@ urldecode(const char *src)
size_t srclen;
if ((srclen = strlen(src)) >= SIZE_MAX)
- fatal_f("input too large");
+ return NULL;
ret = xmalloc(srclen + 1);
for (dst = ret; *src != '\0'; src++) {
switch (*src) {
@@ -1002,9 +1002,10 @@ urldecode(const char *src)
*dst++ = ' ';
break;
case '%':
+ /* note: don't allow \0 characters */
if (!isxdigit((unsigned char)src[1]) ||
!isxdigit((unsigned char)src[2]) ||
- (ch = hexchar(src + 1)) == -1) {
+ (ch = hexchar(src + 1)) == -1 || ch == 0) {
free(ret);
return NULL;
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list