Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
curl.28253
curl-CVE-2017-1000101.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File curl-CVE-2017-1000101.patch of Package curl.28253
@@ -, +, @@ range --- src/tool_urlglob.c | 5 ++++- tests/data/Makefile.inc | 2 +- tests/data/test1289 | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 40 insertions(+), 2 deletions(-) create mode 100644 tests/data/test1289 Index: curl-7.37.0/src/tool_urlglob.c =================================================================== --- curl-7.37.0.orig/src/tool_urlglob.c +++ curl-7.37.0/src/tool_urlglob.c @@ -271,7 +271,10 @@ static GlobCode glob_range(URLGlob *glob } errno = 0; max_n = strtoul(pattern, &endp, 10); - if(errno || (*endp == ':')) { + if(errno) + /* overflow */ + endp = NULL; + else if(*endp == ':') { pattern = endp+1; errno = 0; step_n = strtoul(pattern, &endp, 10); Index: curl-7.37.0/tests/data/Makefile.am =================================================================== --- curl-7.37.0.orig/tests/data/Makefile.am +++ curl-7.37.0/tests/data/Makefile.am @@ -105,6 +105,7 @@ test1216 test1217 test1218 test1219 \ test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 \ test1228 test1229 test1230 test1231 test1232 test1233 test1234 test1235 \ test1236 test1237 test1238 test1239 test1240 \ +test1289 \ \ test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \ test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \ Index: curl-7.37.0/tests/data/Makefile.in =================================================================== --- curl-7.37.0.orig/tests/data/Makefile.in +++ curl-7.37.0/tests/data/Makefile.in @@ -413,6 +413,7 @@ test1216 test1217 test1218 test1219 \ test1220 test1221 test1222 test1223 test1224 test1225 test1226 test1227 \ test1228 test1229 test1230 test1231 test1232 test1233 test1234 test1235 \ test1236 test1237 test1238 test1239 test1240 \ +test1289 \ \ test1300 test1301 test1302 test1303 test1304 test1305 test1306 test1307 \ test1308 test1309 test1310 test1311 test1312 test1313 test1314 test1315 \ Index: curl-7.37.0/tests/data/test1289 =================================================================== --- /dev/null +++ curl-7.37.0/tests/data/test1289 @@ -0,0 +1,35 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +globbing +</keywords> +</info> + +# +# Server-side +<reply> +</reply> + +# Client-side +<client> +<server> +http +</server> +<name> +globbing with overflow and bad syntxx +</name> +<command> +http://ur%20[0-60000000000000000000 +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +# curl: (3) [globbing] bad range in column +<errorcode> +3 +</errorcode> +</verify> +</testcase>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor