diff options
| author | NIIBE Yutaka <[email protected]> | 2021-10-15 01:49:33 +0000 |
|---|---|---|
| committer | NIIBE Yutaka <[email protected]> | 2021-10-15 01:54:30 +0000 |
| commit | 48359c723206254d3a22f08eb537a6acc2f04e01 (patch) | |
| tree | 0f69d81c233ee8d8b99cac2637054d33128854f2 | |
| parent | gpg: New option --override-compliance-check (diff) | |
| download | gnupg-48359c723206254d3a22f08eb537a6acc2f04e01.tar.gz gnupg-48359c723206254d3a22f08eb537a6acc2f04e01.zip | |
dns: Make reading resolv.conf more robust.
* dirmngr/dns.c (dns_resconf_loadfile): Skip "search" which
begins with '.'.
--
GnuPG-bug-id: 5657
Signed-off-by: NIIBE Yutaka <[email protected]>
| -rw-r--r-- | dirmngr/dns.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/dirmngr/dns.c b/dirmngr/dns.c index 3ac6a2d02..0296d6296 100644 --- a/dirmngr/dns.c +++ b/dirmngr/dns.c @@ -5657,7 +5657,12 @@ skip: memset(resconf->search, '\0', sizeof resconf->search); for (i = 1, j = 0; i < wc && j < lengthof(resconf->search); i++, j++) - dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i])); + if (words[i][0] == '.') { + /* Ignore invalid search spec. */ + j--; + } else { + dns_d_anchor(resconf->search[j], sizeof resconf->search[j], words[i], strlen(words[i])); + } break; case DNS_RESCONF_LOOKUP: |