File curl-CVE-2024-2004.patch of Package curl.36283

Overview Repositories Revisions Requests Users Attributes Meta

File curl-CVE-2024-2004.patch of Package curl.36283

From 17d302e56221f5040092db77d4f85086e8a20e0e Mon Sep 17 00:00:00 2001
From: Daniel Gustafsson <daniel@yesql.se>
Date: Tue, 27 Feb 2024 15:43:56 +0100
Subject: [PATCH] setopt: Fix disabling all protocols

When disabling all protocols without enabling any, the resulting
set of allowed protocols remained the default set.  Clearing the
allowed set before inspecting the passed value from --proto make
the set empty even in the errorpath of no protocols enabled.

Co-authored-by: Dan Fandrich <dan@telarity.com>
Reported-by: Dan Fandrich <dan@telarity.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Closes: #13004
---
 lib/setopt.c            | 16 ++++++++--------
 tests/data/Makefile.inc |  2 +-
 tests/data/test1474     | 42 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 51 insertions(+), 9 deletions(-)
 create mode 100644 tests/data/test1474

Index: curl-8.0.1/lib/setopt.c
===================================================================
--- curl-8.0.1.orig/lib/setopt.c
+++ curl-8.0.1/lib/setopt.c
@@ -150,6 +150,12 @@ static CURLcode setstropt_userpwd(char *
 
 static CURLcode protocol2num(const char *str, curl_prot_t *val)
 {
+  /*
+   * We are asked to cherry-pick protocols, so play it safe and disallow all
+   * protocols to start with, and re-add the wanted ones back in.
+   */
+  *val = 0;
+
   if(!str)
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
@@ -158,8 +164,6 @@ static CURLcode protocol2num(const char
     return CURLE_OK;
   }
 
-  *val = 0;
-
   do {
     const char *token = str;
     size_t tlen;
@@ -2666,22 +2670,18 @@ CURLcode Curl_vsetopt(struct Curl_easy *
     break;
 
   case CURLOPT_PROTOCOLS_STR: {
-    curl_prot_t prot;
     argptr = va_arg(param, char *);
-    result = protocol2num(argptr, &prot);
+    result = protocol2num(argptr, &data->set.allowed_protocols);
     if(result)
       return result;
-    data->set.allowed_protocols = prot;
     break;
   }
 
   case CURLOPT_REDIR_PROTOCOLS_STR: {
-    curl_prot_t prot;
     argptr = va_arg(param, char *);
-    result = protocol2num(argptr, &prot);
+    result = protocol2num(argptr, &data->set.redir_protocols);
     if(result)
       return result;
-    data->set.redir_protocols = prot;
     break;
   }
 
Index: curl-8.0.1/tests/data/Makefile.inc
===================================================================
--- curl-8.0.1.orig/tests/data/Makefile.inc
+++ curl-8.0.1/tests/data/Makefile.inc
@@ -188,7 +188,7 @@ test1440 test1441 test1442 test1443 test
 test1448 test1449 test1450 test1451 test1452 test1453 test1454 test1455 \
 test1456 test1457 test1458 test1459 test1460 test1461 test1462 test1463 \
 test1464 test1465 test1466 test1467 test1468 test1469 test1470 \
-\
+test1474 \
 test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
 test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
 test1516 test1517 test1518 test1519 test1520 test1521 test1522 test1523 \
Index: curl-8.0.1/tests/data/test1474
===================================================================
--- /dev/null
+++ curl-8.0.1/tests/data/test1474
@@ -0,0 +1,42 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+--proto
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+none
+</server>
+<features>
+http
+</features>
+<name>
+--proto -all disables all protocols
+</name>
+<command>
+--proto -all http://%HOSTIP:%NOLISTENPORT/%TESTNUMBER
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+# 1 - Protocol "http" disabled
+<errorcode>
+1
+</errorcode>
+</verify>
+</testcase>

Places

File curl-CVE-2024-2004.patch of Package curl.36283

Places