From 23deffcede86a89a2e6bd6e90fd8115dc08a0b80 Mon Sep 17 00:00:00 2001
From: deraadt
Date: Wed, 11 Feb 1998 02:26:15 +0000
Subject: increased paranoia about .rhosts validity
---
 lib/libc/net/rcmd.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
(limited to 'lib/libc')
diff --git a/lib/libc/net/rcmd.c b/lib/libc/net/rcmd.c
index 4fbf602215e..9db161e96da 100644
--- a/lib/libc/net/rcmd.c
+++ b/lib/libc/net/rcmd.c
@@ -34,7 +34,7 @@
 */
 #if defined(LIBC_SCCS) && !defined(lint)
-static char *rcsid = "$OpenBSD: rcmd.c,v 1.26 1997/07/09 01:08:47 millert Exp $";
+static char *rcsid = "$OpenBSD: rcmd.c,v 1.27 1998/02/11 02:26:15 deraadt Exp $";
 #endif /* LIBC_SCCS and not lint */
 #include
@@ -417,7 +417,8 @@ __ivaliduser(hostf, raddrl, luser, ruser)
 /* Skip lines that are too long. */
 if (strchr(p, '\n') == NULL) {
 while ((ch = getc(hostf)) != '\n' && ch != EOF)
- ;
+ if (!isprint(ch))
+ goto bail;
 continue;
 }
 if (*p == '#')
@@ -434,8 +435,11 @@ __ivaliduser(hostf, raddrl, luser, ruser)
 p++;
 user = p;
 while (*p != '\n' && *p != ' ' &&
- *p != '\t' && *p != '\0')
+ *p != '\t' && *p != '\0') {
+ if (!isprint(*p))
+ goto bail;
 p++;
+ }
 } else
 user = p;
 *p = '\0';
--
cgit v1.2.3-59-g8ed1b
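Review bot: In the over-long-line loop of `__ivaliduser`, `isprint(ch)` is also false for a tab, so a long line that merely contains a tab (a long comment, say) now jumps to `bail`, while on lines that fit the buffer a tab is an ordinary field separator. If that asymmetry is not intended, the test could read `if (!isprint(ch) && ch != '\t') goto bail;`. The comment `/* Skip lines that are too long. */` is also stale now that the loop can abort; `/* Skip over-long lines, but give up if one holds a non-printable byte. */` would match the new code. The `bail` label lies outside the hunk, so its effect on the return value cannot be confirmed from here.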
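Review bot: `isprint(*p)` in the user-field loop passes a plain `char` to a `<ctype.h>` function. If `p` is a `char *` (its declaration is outside the hunk) and `char` is signed, any byte of 0x80 or above in the .rhosts file arrives as a negative argument, which is undefined behaviour in the very check meant to reject such bytes. Casting keeps the test well defined: `if (!isprint((unsigned char)*p))`. Only the user field is covered by this hunk; the host-name scan earlier in the function is not shown, so it is worth confirming that it receives the same validation.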