diff options
| author | CoprDistGit <infra@openeuler.org> | 2025-03-04 03:28:50 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2025-03-04 03:28:50 +0000 |
| commit | 510937df92473c5a6830d87f078386db8dbf896d (patch) | |
| tree | 64d9befb90cb19890926aedd71df1a7a5452e08c /backport-CVE-2023-46218.patch | |
| parent | dbf64f99d0f0a31203092f9afdc6c07e13917313 (diff) | |
automatic import of curlopeneuler24.03_LTS_SP1
Diffstat (limited to 'backport-CVE-2023-46218.patch')
| -rw-r--r-- | backport-CVE-2023-46218.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/backport-CVE-2023-46218.patch b/backport-CVE-2023-46218.patch new file mode 100644 index 0000000..8158814 --- /dev/null +++ b/backport-CVE-2023-46218.patch @@ -0,0 +1,54 @@ +From 2b0994c29a721c91c572cff7808c572a24d251eb Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <daniel@haxx.se> +Date: Thu, 23 Nov 2023 08:15:47 +0100 +Subject: [PATCH] cookie: lowercase the domain names before PSL checks + +Reported-by: Harry Sintonen + +Closes #12387 + +Conflict:NA +Reference:https://github.com/curl/curl/commit/2b0994c29a721c91c572cff7808c572a24d251eb +--- + lib/cookie.c | 24 ++++++++++++++++-------- + 1 file changed, 16 insertions(+), 8 deletions(-) + +diff --git a/lib/cookie.c b/lib/cookie.c +index 568cf537a..9095cea3e 100644 +--- a/lib/cookie.c ++++ b/lib/cookie.c +@@ -1027,15 +1027,23 @@ Curl_cookie_add(struct Curl_easy *data, + * dereference it. + */ + if(data && (domain && co->domain && !Curl_host_is_ipnum(co->domain))) { +- const psl_ctx_t *psl = Curl_psl_use(data); +- int acceptable; +- +- if(psl) { +- acceptable = psl_is_cookie_domain_acceptable(psl, domain, co->domain); +- Curl_psl_release(data); ++ bool acceptable = FALSE; ++ char lcase[256]; ++ char lcookie[256]; ++ size_t dlen = strlen(domain); ++ size_t clen = strlen(co->domain); ++ if((dlen < sizeof(lcase)) && (clen < sizeof(lcookie))) { ++ const psl_ctx_t *psl = Curl_psl_use(data); ++ if(psl) { ++ /* the PSL check requires lowercase domain name and pattern */ ++ Curl_strntolower(lcase, domain, dlen + 1); ++ Curl_strntolower(lcookie, co->domain, clen + 1); ++ acceptable = psl_is_cookie_domain_acceptable(psl, lcase, lcookie); ++ Curl_psl_release(data); ++ } ++ else ++ acceptable = !bad_domain(domain, strlen(domain)); + } +- else +- acceptable = !bad_domain(domain, strlen(domain)); + + if(!acceptable) { + infof(data, "cookie '%s' dropped, domain '%s' must not " +-- +2.33.0 + |