diff options
| author | ache <ache@FreeBSD.org> | 1994-10-22 17:37:06 +0000 |
|---|---|---|
| committer | ache <ache@FreeBSD.org> | 1994-10-22 17:37:06 +0000 |
| commit | 21a0da26e177572c4108baec709ee35ef6176cc1 (patch) | |
| tree | 1852134b14d2eb322b9d4cf0855e6062ae8ad7ab /libexec/talkd | |
| parent | 044b6a0e2c80ff9882634b3b6045613cf39d7d65 (diff) | |
| download | FreeBSD-src-21a0da26e177572c4108baec709ee35ef6176cc1.zip FreeBSD-src-21a0da26e177572c4108baec709ee35ef6176cc1.tar.gz | |
Implement security fix correctly: via isprint()
Diffstat (limited to 'libexec/talkd')
| -rw-r--r-- | libexec/talkd/process.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/libexec/talkd/process.c b/libexec/talkd/process.c index fed7d34..a83492b 100644 --- a/libexec/talkd/process.c +++ b/libexec/talkd/process.c @@ -52,6 +52,7 @@ static char sccsid[] = "@(#)process.c 8.2 (Berkeley) 11/16/93"; #include <syslog.h> #include <stdio.h> #include <string.h> +#include <ctype.h> #include <paths.h> CTL_MSG *find_request(); @@ -63,6 +64,7 @@ process_request(mp, rp) { register CTL_MSG *ptr; extern int debug; + char *s; rp->vers = TALK_VERSION; rp->type = mp->type; @@ -87,11 +89,12 @@ process_request(mp, rp) rp->answer = BADCTLADDR; return; } - if (strchr(mp->l_name, 27)) { - syslog(LOG_NOTICE, "Illegal user name. Aborting"); - rp->answer = FAILED; - return; - } + for (s = mp->l_name; *s; s++) + if (!isprint(*s)) { + syslog(LOG_NOTICE, "Illegal user name. Aborting"); + rp->answer = FAILED; + return; + } mp->pid = ntohl(mp->pid); if (debug) print_request("process_request", mp); |
