[tin-bugs] Possible shell injection via group name
Urs Janßen
urs at tin.org
Tue Apr 14 17:10:30 CEST 2026
Urs Janßen wrote:
> === modified file 'src/newsrc.c'
> --- old/src/newsrc.c 2026-04-12 08:34:09 +0000
> +++ new/src/newsrc.c 2026-04-14 14:30:27 +0000
> @@ -1754,6 +1754,9 @@
> tmp = ptr; /* Keep this blank for later */
> *(ptr++) = '\0'; /* Terminate the group name */
>
> + if (strpbrk(ptr, " \t")) != NULL) /* minimalistic name validation */
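
Review bot: on the added strpbrk() line, ptr has already been advanced past the '\0' that terminates the group name (by *(ptr++) = '\0' just above), so the test inspects the text after the name rather than the name itself; pass the pointer to the start of the group name instead. The same line has one ')' too many after the string literal, ahead of != NULL, so it does not compile as written. The check rejects only space and tab; since the subject is shell injection, the "minimalistic name validation" comment should say where other shell metacharacters in the name are handled.
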
that should be
    if (strpbrk(line, " \t") != NULL)
not ptr.