1From 9d825e854ef53ebbe0aea2f1a69f52b763104daf Mon Sep 17 00:00:00 2001
2From: Ariadne Conill <ariadne@dereferenced.org>
3Date: Mon, 19 Sep 2022 14:15:12 +0200
4Subject: [PATCH] libbb: sockaddr2str: ensure only printable characters are
5 returned for the hostname part
6
7CVE: CVE-2022-28391
8Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
9Tested-by: Radoslav Kolev <radoslav.kolev@suse.com>
10Backport from ML: http://lists.busybox.net/pipermail/busybox/2022-July/089796.html
11Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
12---
13 libbb/xconnect.c | 5 +++--
14 1 file changed, 3 insertions(+), 2 deletions(-)
15
16diff --git a/libbb/xconnect.c b/libbb/xconnect.c
17index 0e0b247b8..02c061e67 100644
18--- a/libbb/xconnect.c
19+++ b/libbb/xconnect.c
20@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
21 	);
22 	if (rc)
23 		return NULL;
24+	/* ensure host contains only printable characters */
25 	if (flags & IGNORE_PORT)
26-		return xstrdup(host);
27+		return xstrdup(printable_string(host));
28 #if ENABLE_FEATURE_IPV6
29 	if (sa->sa_family == AF_INET6) {
30 		if (strchr(host, ':')) /* heh, it's not a resolved hostname */
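Review bot: The sanitising is applied per return statement rather than once, so the AF_INET6 branch that begins at `if (strchr(host, ':'))` may still format the raw `host`. Its return statement lies between the two hunks and is not visible here, and neither hunk touches it, so this needs confirming against the full function. A resolver-supplied name is presumably not guaranteed to be free of `:` or control bytes, so that path would need the same treatment. Consider sanitising once right after the `if (rc) return NULL;` check, e.g. `const char *safe_host = printable_string(host);`, and using `safe_host` in every return, including the one in the second hunk (`xasprintf("%s:%s", safe_host, serv)`). The comment added above the `IGNORE_PORT` test would then describe the whole function rather than only the first return.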
31@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
32 #endif
33 	/* For now we don't support anything else, so it has to be INET */
34 	/*if (sa->sa_family == AF_INET)*/
35-		return xasprintf("%s:%s", host, serv);
36+		return xasprintf("%s:%s", printable_string(host), serv);
37 	/*return xstrdup(host);*/
38 }
39
40--
412.37.3
42
43