From 2a35862e664afde774d4a72497d394fe7306ccb5 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 16 Nov 2018 03:26:01 +0000
Subject: upstream: use path_absolute() for pathname checks; from Manoj Ampalam

OpenBSD-Commit-ID: 482ce71a5ea5c5f3bc4d00fd719481a6a584d925
---
 auth.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'auth.c')

diff --git a/auth.c b/auth.c
index 3ca3762cc..18d0857ff 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth.c,v 1.133 2018/09/12 01:19:12 djm Exp $ */
+/* $OpenBSD: auth.c,v 1.134 2018/11/16 03:26:01 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -437,7 +437,7 @@ expand_authorized_keys(const char *filename, struct passwd *pw)
 	 * Ensure that filename starts anchored. If not, be backward
 	 * compatible and prepend the '%h/'
 	 */
-	if (*file == '/')
+	if (path_absolute(file))
 		return (file);
 
 	i = snprintf(ret, sizeof(ret), "%s/%s", pw->pw_dir, file);
@@ -893,7 +893,7 @@ subprocess(const char *tag, struct passwd *pw, const char *command,
 	 * If executing an explicit binary, then verify the it exists
 	 * and appears safe-ish to execute
 	 */
-	if (*av[0] != '/') {
+	if (!path_absolute(av[0])) {
 		error("%s path is not absolute", tag);
 		return 0;
 	}
-- 
cgit v1.2.3