From 0fce017100c5896cf9dc1fcbd4a39053651c3910 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Fri, 28 Nov 2014 21:30:52 +0100
Subject: Do not allow LFs in the redirected name.

* src/assuan-socket.c (eval_redirection): Stop parsing at the first
LF.
--

Avoiding LFs in file names is better for logging.
---
 src/assuan-socket.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/assuan-socket.c b/src/assuan-socket.c
index c8af51b..c392e93 100644
--- a/src/assuan-socket.c
+++ b/src/assuan-socket.c
@@ -287,8 +287,13 @@ eval_redirection (const char *fname, int *r_redirect)
       return NULL;
     }
   buffer[n] = 0;
+
+  /* Check that it is a redirection file.  We also check that the
+     first byte of the name is not a LF because that would lead to an
+     zero length name. */
   if (n < 17 || buffer[n-1] != '\n'
-      || memcmp (buffer, "%Assuan%\nsocket=", 16))
+      || memcmp (buffer, "%Assuan%\nsocket=", 16)
+      || buffer[16] == '\n')
     {
       gpg_err_set_errno (EINVAL);
       return NULL;
@@ -333,6 +338,8 @@ eval_redirection (const char *fname, int *r_redirect)
             }
           p = pend;
         }
+      else if (*p == '\n')
+        break; /* Be nice and stop at the first LF.  */
       else if (n < sizeof addr->sun_path - 1)
         addr->sun_path[n++] = *p;
       else
-- 
cgit v1.2.3