Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
curl-mini.35243
curl-CVE-2023-28320.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File curl-CVE-2023-28320.patch of Package curl-mini.35243
From 13718030ad4b3209a7583b4f27f683cd3a6fa5f2 Mon Sep 17 00:00:00 2001 From: Harry Sintonen <sintonen@iki.fi> Date: Tue, 25 Apr 2023 09:22:26 +0200 Subject: [PATCH] hostip: add locks around use of global buffer for alarm() When building with the sync name resolver and timeout ability we now require thread-safety to be present to enable it. Closes #11030 --- lib/hostip.c | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) Index: curl-7.66.0/lib/hostip.c =================================================================== --- curl-7.66.0.orig/lib/hostip.c +++ curl-7.66.0/lib/hostip.c @@ -67,12 +67,19 @@ #include "curl_memory.h" #include "memdebug.h" -#if defined(CURLRES_SYNCH) && \ - defined(HAVE_ALARM) && defined(SIGALRM) && defined(HAVE_SIGSETJMP) +#if defined(CURLRES_SYNCH) && \ + defined(HAVE_ALARM) && \ + defined(SIGALRM) && \ + defined(HAVE_SIGSETJMP) && \ + defined(GLOBAL_INIT_IS_THREADSAFE) /* alarm-based timeouts can only be used with all the dependencies satisfied */ #define USE_ALARM_TIMEOUT #endif +#ifdef USE_ALARM_TIMEOUT +#include "easy_lock.h" +#endif + #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */ /* @@ -247,11 +254,12 @@ void Curl_hostcache_prune(struct Curl_ea Curl_share_unlock(data, CURL_LOCK_DATA_DNS); } -#ifdef HAVE_SIGSETJMP +#ifdef USE_ALARM_TIMEOUT /* Beware this is a global and unique instance. This is used to store the return address that we can jump back to from inside a signal handler. This is not thread-safe stuff. */ sigjmp_buf curl_jmpenv; +curl_simple_lock curl_jmpenv_lock; #endif /* lookup address, returns entry if found and not stale */ @@ -592,7 +600,6 @@ int Curl_resolv(struct connectdata *conn static RETSIGTYPE alarmfunc(int sig) { - /* this is for "-ansi -Wall -pedantic" to stop complaining! (rabe) */ (void)sig; siglongjmp(curl_jmpenv, 1); } @@ -673,6 +680,8 @@ int Curl_resolv_timeout(struct connectda This should be the last thing we do before calling Curl_resolv(), as otherwise we'd have to worry about variables that get modified before we invoke Curl_resolv() (and thus use "volatile"). */ + curl_simple_lock_lock(&curl_jmpenv_lock); + if(sigsetjmp(curl_jmpenv, 1)) { /* this is coming from a siglongjmp() after an alarm signal */ failf(data, "name lookup timed out"); @@ -741,6 +750,8 @@ clean_up: #endif #endif /* HAVE_SIGACTION */ + curl_simple_lock_unlock(&curl_jmpenv_lock); + /* switch back the alarm() to either zero or to what it was before minus the time we spent until now! */ if(prev_alarm) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor