CVSROOT: /cvs Module name: src Changes by: [email protected] 2022/11/02 05:28:36
Modified files:
usr.sbin/rpki-client: validate.c
Log message:
Length check URI before strncasecmp()
A priori URI is not NUL terminated, so we should first check it is long
enough before comparing it against proto. As a side effect, this now
rejects "https://"; and "rsync://", which are invalid due to the missing
host in the authority section.
ok claudio
