authorCoprDistGit <infra@openeuler.org>2025-03-04 03:28:50 +0000
committerCoprDistGit <infra@openeuler.org>2025-03-04 03:28:50 +0000
commit510937df92473c5a6830d87f078386db8dbf896d (patch)
tree64d9befb90cb19890926aedd71df1a7a5452e08c /backport-pre-CVE-2024-9681.patch
parentdbf64f99d0f0a31203092f9afdc6c07e13917313 (diff)
automatic import of curlopeneuler24.03_LTS_SP1
Diffstat (limited to 'backport-pre-CVE-2024-9681.patch')
-rw-r--r--backport-pre-CVE-2024-9681.patch69
1 files changed, 69 insertions, 0 deletions
diff --git a/backport-pre-CVE-2024-9681.patch b/backport-pre-CVE-2024-9681.patch
new file mode 100644
index 0000000..cac0ac4
--- /dev/null
+++ b/backport-pre-CVE-2024-9681.patch
@@ -0,0 +1,69 @@
+From 60d8663afb0fb7f113604404c50840dfe9320039 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 8 Oct 2024 11:20:40 +0200
+Subject: [PATCH] hsts: avoid the local buffer and memcpy on lookup
+
+Closes #15190
+Conflict:Context adapt
+Reference:https://github.com/curl/curl/commit/60d8663afb0fb7f113604404c50840dfe9320039
+---
+ lib/hsts.c | 22 +++++++++-------------
+ 1 file changed, 9 insertions(+), 13 deletions(-)
+
+diff --git a/lib/hsts.c b/lib/hsts.c
+index 7ecf004..f5e5bbf 100644
+--- a/lib/hsts.c
++++ b/lib/hsts.c
+@@ -250,7 +250,6 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
+ bool subdomain)
+ {
+ if(h) {
+- char buffer[MAX_HSTS_HOSTLEN + 1];
+ time_t now = time(NULL);
+ size_t hlen = strlen(hostname);
+ struct Curl_llist_element *e;
+@@ -258,15 +257,13 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
+
+ if((hlen > MAX_HSTS_HOSTLEN) || !hlen)
+ return NULL;
+- memcpy(buffer, hostname, hlen);
+ if(hostname[hlen-1] == '.')
+ /* remove the trailing dot */
+ --hlen;
+- buffer[hlen] = 0;
+- hostname = buffer;
+
+ for(e = h->list.head; e; e = n) {
+ struct stsentry *sts = e->ptr;
++ size_t ntail;
+ n = e->next;
+ if(sts->expires <= now) {
+ /* remove expired entries */
+@@ -274,16 +271,15 @@ struct stsentry *Curl_hsts(struct hsts *h, const char *hostname,
+ hsts_free(sts);
+ continue;
+ }
+- if(subdomain && sts->includeSubDomains) {
+- size_t ntail = strlen(sts->host);
+- if(ntail < hlen) {
+- size_t offs = hlen - ntail;
+- if((hostname[offs-1] == '.') &&
+- strncasecompare(&hostname[offs], sts->host, ntail))
+- return sts;
+- }
++ ntail = strlen(sts->host);
++ if((subdomain && sts->includeSubDomains) && (ntail < hlen)) {
++ size_t offs = hlen - ntail;
++ if((hostname[offs-1] == '.') &&
++ strncasecompare(&hostname[offs], sts->host, ntail))
++ return sts;
+ }
+- if(strcasecompare(hostname, sts->host))
++ /* avoid strcasecompare because the host name is not null terminated */
++ if((hlen == ntail) && strncasecompare(hostname, sts->host, hlen))
+ return sts;
+ }
+ }
+--
+2.43.0
+
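Review bot: In the backported `Curl_hsts` change the `!hlen` test runs before the trailing dot is stripped, so a hostname consisting only of `.` reaches the loop with `hlen == 0`, and the new exact-match test `(hlen == ntail) && strncasecompare(hostname, sts->host, hlen)` then compares zero bytes. Whether an entry with an empty `sts->host` can exist is not visible here, but a second guard placed right after the `--hlen` strip, `if(!hlen) return NULL;`, would make the lookup independent of that. Because `hostname` is now used without a terminator at `hlen`, a comment at the strip such as `/* from here on only the first hlen bytes of hostname are the name */` would warn later edits against passing it to a string function. The body of `Curl_hsts` starts and ends outside the inner hunks shown.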