Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:FrontRunner
curl.24878
curl-CVE-2022-27775.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File curl-CVE-2022-27775.patch of Package curl.24878
From 46091487fbdb37ffbe9c495de86c62d14634b71a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg <daniel@haxx.se> Date: Thu, 21 Apr 2022 12:30:34 +0200 Subject: [PATCH] conncache: include the zone id in the "bundle" hashkey Make connections to two separate IPv6 zone ids create separate connections. Reported-by: Harry Sintonen Bug: https://curl.se/docs/CVE-2022-27775.html --- lib/conncache.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) Index: curl-7.66.0/lib/conncache.c =================================================================== --- curl-7.66.0.orig/lib/conncache.c +++ curl-7.66.0/lib/conncache.c @@ -180,8 +180,12 @@ static void hashkey(struct connectdata * /* report back which name we used */ *hostp = hostname; - /* put the number first so that the hostname gets cut off if too long */ - msnprintf(buf, len, "%ld%s", port, hostname); + /* put the numbers first so that the hostname gets cut off if too long */ +#ifdef ENABLE_IPV6 + msnprintf(buf, len, "%u/%ld/%s", conn->scope_id, port, hostname); +#else + msnprintf(buf, len, "%ld/%s", port, hostname); +#endif } void Curl_conncache_unlock(struct Curl_easy *data)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor