]> git.decadent.org.uk Git - odhcp6c.git/commit
projects / odhcp6c.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: abe9d1b) | patch
Fix potential log forgery via status string
authorBen Hutchings <ben@decadent.org.uk>
Thu, 28 Jan 2016 01:44:10 +0000 (01:44 +0000)
committerBen Hutchings <ben@decadent.org.uk>
Thu, 28 Jan 2016 13:40:25 +0000 (13:40 +0000)
commitf92e692eefa05ddb7b0b2817260b03262f30090e
treef34576f281788351ca83e245655792cbd72bf87etree | snapshot
parentabe9d1b0739857f4a0d25005f9f0523153a6fe23commit | diff
Fix potential log forgery via status string

We should not include any control characters from the server status
message when logging it; in particular if we include '\n' this could
result in additional arbitrary log lines.  In dhcpv6_log_status_code,
replace all control characters with '?'.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
src/dhcpv6.c diff | blob | history
Package: odhcp6c