From 0d5e0b99223a1a797f44bc8d99b9f2ce2c7e5796 Mon Sep 17 00:00:00 2001
From: Artem Boldariev <artem@boldariev.com>
Date: Wed, 29 Sep 2021 19:37:15 +0300
Subject: [PATCH 1/2] Validate HTTP path passed to dig

The commit makes sure that the HTTP path passed to dig is a valid one.
---
 bin/dig/dig.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/bin/dig/dig.c b/bin/dig/dig.c
index 7b1e649d1c..0b1a0bfcb9 100644
--- a/bin/dig/dig.c
+++ b/bin/dig/dig.c
@@ -1482,6 +1482,14 @@ plus_option(char *option, bool is_batchfile, bool *need_clone,
 				lookup->https_path = isc_mem_strdup(
 					mctx, ISC_NM_HTTP_DEFAULT_PATH);
 			} else {
+				if (!isc_nm_http_path_isvalid(value)) {
+					fprintf(stderr,
+						";; The given HTTP path \"%s\" "
+						"is not "
+						"a valid absolute path\n",
+						value);
+					goto invalid_option;
+				}
 				lookup->https_path = isc_mem_strdup(mctx,
 								    value);
 			}

From b20a8c50653ce0bd064d082b681bd4b6582d7950 Mon Sep 17 00:00:00 2001
From: Artem Boldariev <artem@boldariev.com>
Date: Wed, 29 Sep 2021 19:39:51 +0300
Subject: [PATCH 2/2] Modify CHANGES [GL #2923]

Mention that the HTTP path is now validated.
---
 CHANGES | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CHANGES b/CHANGES
index fa1b9878e5..b21af38303 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,5 @@
+5725.	[bug]		Validate HTTP path passed to dig. [GL #2923]
+
 5724.	[bug]		Address potential dead lock when checking zone
 			content consistency. [GL #2908]