aports/main/busybox/0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch

From a8a43d8092563a62349e0c9b5db3926bb3e02f94 Mon Sep 17 00:00:00 2001
From: Ariadne Conill <ariadne@dereferenced.org>
Date: Sun, 3 Apr 2022 18:13:37 +0000
Subject: [PATCH] libbb: sockaddr2str: ensure only printable characters are
 returned for the hostname part

CVE: Pending
Upstream-Status: Pending
Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
---
 libbb/xconnect.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/libbb/xconnect.c b/libbb/xconnect.c
index 0e0b247b8..02c061e67 100644
--- a/libbb/xconnect.c
+++ b/libbb/xconnect.c
@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
 	);
 	if (rc)
 		return NULL;
+	/* ensure host contains only printable characters */
 	if (flags & IGNORE_PORT)
-		return xstrdup(host);
+		return xstrdup(printable_string(host));
 #if ENABLE_FEATURE_IPV6
 	if (sa->sa_family == AF_INET6) {
 		if (strchr(host, ':')) /* heh, it's not a resolved hostname */
@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags)
 #endif
 	/* For now we don't support anything else, so it has to be INET */
 	/*if (sa->sa_family == AF_INET)*/
-		return xasprintf("%s:%s", host, serv);
+		return xasprintf("%s:%s", printable_string(host), serv);
 	/*return xstrdup(host);*/
 }