Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
curl.28253
curl-CVE-2014-3620.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File curl-CVE-2014-3620.patch of Package curl.28253
From fd7ae600adf23a9a1ed619165c5058bdec216e9c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg <daniel@haxx.se> Date: Tue, 19 Aug 2014 21:11:20 +0200 Subject: [PATCH] cookies: reject incoming cookies set for TLDs Test 61 was modified to verify this. CVE-2014-3620 Reported-by: Tim Ruehsen URL: http://curl.haxx.se/docs/adv_20140910B.html --- lib/cookie.c | 6 ++++++ tests/data/test61 | 1 + 2 files changed, 7 insertions(+) Index: curl-7.37.0/lib/cookie.c =================================================================== --- curl-7.37.0.orig/lib/cookie.c 2014-09-10 17:22:55.987567327 +0200 +++ curl-7.37.0/lib/cookie.c 2014-09-10 17:22:59.382608188 +0200 @@ -463,6 +463,7 @@ Curl_cookie_add(struct SessionHandle *da } else if(Curl_raw_equal("domain", name)) { bool is_ip; + const char *dotp; /* Now, we make sure that our host is within the given domain, or the given domain is not valid and thus cannot be set. */ @@ -472,6 +473,11 @@ Curl_cookie_add(struct SessionHandle *da is_ip = isip(domain ? domain : whatptr); + /* check for more dots */ + dotp = strchr(whatptr, '.'); + if(!dotp) + domain=":"; + if(!domain || (is_ip && !strcmp(whatptr, domain)) || (!is_ip && tailmatch(whatptr, domain))) { Index: curl-7.37.0/tests/data/test61 =================================================================== --- curl-7.37.0.orig/tests/data/test61 2014-09-10 17:22:59.383608199 +0200 +++ curl-7.37.0/tests/data/test61 2014-09-10 17:23:23.325896381 +0200 @@ -23,6 +23,7 @@ Set-Cookie: test3=maybe; domain=foo.com; Set-Cookie: test4=no; domain=nope.foo.com; path=/moo; secure Set-Cookie: test5=name; domain=anything.com; path=/ ; secure Set-Cookie: fake=fooledyou; domain=..com; path=/; ++Set-Cookie: supercookie=fooledyou; domain=.com; path=/;^M Content-Length: 4 boo
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor