Projects
Mega:24.09
libssh
_service:tar_scm:backport-0002-CVE-2023-6004-co...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-0002-CVE-2023-6004-config_parser-Allow-multiple-in-userna.patch of Package libssh
From a66b4a6eae6614d200a3625862d77565b96a7cd3 Mon Sep 17 00:00:00 2001 From: Norbert Pocs <norbertpocs0@gmail.com> Date: Wed, 1 Nov 2023 11:24:43 +0100 Subject: [PATCH 02/20] CVE-2023-6004: config_parser: Allow multiple '@' in usernames Signed-off-by: Norbert Pocs <norbertpocs0@gmail.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com> --- src/config_parser.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/config_parser.c b/src/config_parser.c index 0d988fec..cf83e2c5 100644 --- a/src/config_parser.c +++ b/src/config_parser.c @@ -180,7 +180,7 @@ int ssh_config_parse_uri(const char *tok, } /* Username part (optional) */ - endp = strchr(tok, '@'); + endp = strrchr(tok, '@'); if (endp != NULL) { /* Zero-length username is not valid */ if (tok == endp) { -- 2.33.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2