Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
acme/autocert: properly clean DirCache paths
Don't assume the path passed into the DirCache methods is absolute, and clean it before further operating on it. Put and Delete are not attacker controlled, but clean them anyway. Fixes #53082 Fixes CVE-2022-30636 Change-Id: I755f525a737da60ccba07ebce4d41cc8faebfcca Reviewed-on: https://go-review.googlesource.com/c/crypto/+/408694 Run-TryBot: Roland Shoemaker <roland@golang.org> Reviewed-by: Damien Neil <dneil@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
- Loading branch information