fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-06-07 00:38:20 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

os/access: fix off-by-one in hostname character validation range

Browse source 
In siHostnameCheckAddr(), the digit validation range was 0x30-0x3A, but
0x3A is the colon character (':'). The ASCII range for digits 0-9 is
0x30-0x39.

Colons in hostnames violate RFC 2396 section 3.2.2 and we're not parsing
the host:port notation here.

Assisted-by: Claude:claude-claude-opus-4-6
Part-of: <https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2200>
This commit is contained in:
Peter Hutterer 2026-04-17 10:12:42 +10:00 committed by Marge Bot
parent 75541aa42b
commit 3c576260f2
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
os/access.c
View file

@ -1879,7 +1879,7 @@ siHostnameCheckAddr(const char *valueString, int length, void *typePriv)
dotAllowed = FALSE;
}
}
else if (((c >= 0x30) && (c <= 0x3A)) /* 0-9 */ ||
else if (((c >= 0x30) && (c <= 0x39)) /* 0-9 */ ||
((c >= 0x61) && (c <= 0x7A)) /* a-z */ ||
((c >= 0x41) && (c <= 0x5A)) /* A-Z */ ) {
dotAllowed = TRUE;