On Sep 20, 2014, at 3:36 PM, Sebastian Benoit <benoit-li...@fb12.de> wrote:
> Charles Musser(cmus...@sonic.net) on 2014.09.20 14:44:45 -0700: >> + /* >> + * XXX validate that domain name only contains valid characters >> + * for two reasons: 1) correctness, 2) we do not want to pass >> + * possible malicious, unescaped characters like `` to a script >> + * or program that could be exploited that way. >> + */ >> + >> + return (src - src_origin); > > this alone is a reason why this diff is wrong. Yeah, that is bad. I'll add a validator. > > /Benno > > (and removing all of the ifndef SMALL is another) I thought the removal was reasonable (SMALL didn't totally disappear, BTW). What's the rationale for keeping them as is? More to to point, what is SMALL accomplishing in specific case of the rtsol program?
