oss-sec mailing list archives
Re: radvd 1.8.2 released with security fixes
From: John Haxby <john.haxby () oracle com>
Date: Fri, 07 Oct 2011 15:41:23 +0100
On 07/10/11 14:03, Robert Święcki wrote:
On Fri, Oct 7, 2011 at 12:35 PM, Huzaifa Sidhpurwala <huzaifas () redhat com> wrote:Shouldnt this be: /* No path traversal */ if (strstr(iface, "..") || strchr(iface, '/')) return -1;FWIW, this will reject too much; /path/to/sth..jpg
Indeed, since I don't believe that iface can reasonably include a "/" its sufficient to check for that. If not then you need to check for "../" at the beginning of iface and "/.." anywhere else in it. But simply forbidding "/" should be fine. jch
Current thread:
- radvd 1.8.2 released with security fixes Solar Designer (Oct 06)
- Re: radvd 1.8.2 released with security fixes Huzaifa Sidhpurwala (Oct 07)
- Re: radvd 1.8.2 released with security fixes Robert Święcki (Oct 07)
- Re: radvd 1.8.2 released with security fixes John Haxby (Oct 07)
- Re: radvd 1.8.2 released with security fixes Vasiliy Kulikov (Oct 08)
- Re: radvd 1.8.2 released with security fixes Reuben Hawkins (Oct 11)
- Re: radvd 1.8.2 released with security fixes Vasiliy Kulikov (Oct 12)
- Re: radvd 1.8.2 released with security fixes Vasiliy Kulikov (Oct 12)
- Ruby 3.0.10 WEBrick::HTTPRequest X-Forwarded-* Kurt Seifried (Oct 12)
- Re: radvd 1.8.2 released with security fixes Reuben Hawkins (Oct 14)
- Re: radvd 1.8.2 released with security fixes Robert Święcki (Oct 07)
- Re: radvd 1.8.2 released with security fixes Huzaifa Sidhpurwala (Oct 07)
- Re: radvd 1.8.2 released with security fixes Solar Designer (Oct 13)
- Re: radvd 1.8.2 released with security fixes Huzaifa Sidhpurwala (Oct 13)
- Re: radvd 1.8.2 released with security fixes Vasiliy Kulikov (Oct 14)