forked from curl/curl-www
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CVE-2014-8150.patch
36 lines (31 loc) · 1.1 KB
/
CVE-2014-8150.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
From 4e2ac2afa94f014a2a015c48c678e2367a63ae82 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 25 Dec 2014 23:55:03 +0100
Subject: [PATCH] url-parsing: reject CRLFs within URLs
Bug: https://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
---
lib/url.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lib/url.c b/lib/url.c
index 788f048..d3bb5e0 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -3840,10 +3840,17 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data,
CURLcode result;
bool rebuild_url = FALSE;
*prot_missing = FALSE;
+ /* We might pass the entire URL into the request so we need to make sure
+ * there are no bad characters in there.*/
+ if(strpbrk(data->change.url, "\r\n")) {
+ failf(data, "Illegal characters found in URL");
+ return CURLE_URL_MALFORMAT;
+ }
+
/*************************************************************
* Parse the URL.
*
* We need to parse the url even when using the proxy, because we will need
* the hostname and port in case we are trying to SSL connect through the
--
2.1.4