ssh-keygen: sanitize ANSI escape sequences in key comment
Damien Miller
djm at mindrot.org
Mon Jan 4 18:29:10 AEDT 2016
On Sat, 2 Jan 2016, Roland Hieber wrote:
> On 02.01.2016 22:12, Roland Hieber wrote:
> > Since this is my first patch to OpenSSH, I'm very open for feedback :-)
>
> ...he wrote without attaching the patch...
>
> Sorry.
No problem :) Could I ask you to file a bug at https://bugzilla.mindrot.org/ ?
I think we should use strnvis* with VIS_SAFE|VIS_OCTAL flags instead of
explicit white/blacklists of characters.
-d
* http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/stravis.3?query=strnvis&sec=3
More information about the openssh-unix-dev
mailing list