CVS commit: src/external/bsd/openresolv/dist

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: src/external/bsd/openresolv/dist
From: "Roy Marples" <roy%netbsd.org@localhost>
Date: Thu, 11 Dec 2025 11:16:32 +0000

Module Name:    src
Committed By:   roy
Date:           Thu Dec 11 11:16:32 UTC 2025

Modified Files:
        src/external/bsd/openresolv/dist: resolvconf.in

Log Message:
resolvconf: Single quote parsed values from resolv.conf

When parsing resolv.conf entries we build up shell variables.
Because this is done via a pipe, we need to echo the variables
to stdout and eval the result to get them into the main resolvconf.
We have no idea what the values are, so we build up the output
ensuring the parsed value is single quoted so eval will always
interpret it as a string and nothing more.

This avoids an attack like so:
        `echo 'search $(touch /tmp/foo)' | resolvconf -a bar`


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/external/bsd/openresolv/dist/resolvconf.in

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/sys/arch/next68k/next68k
Next by Date: CVS commit: src/distrib/notes/common
Previous by Thread: CVS commit: src/sys/arch/next68k/next68k
Next by Thread: CVS commit: src/distrib/notes/common
Indexes:

Home | Main Index | Thread Index | Old Index