Diffstat (limited to 'main/curl/CVE-2017-7407.patch')
-rw-r--r-- | main/curl/CVE-2017-7407.patch | 110 |
1 files changed, 0 insertions, 110 deletions
diff --git a/main/curl/CVE-2017-7407.patch b/main/curl/CVE-2017-7407.patch
deleted file mode 100644
index b82df43ee8..0000000000
--- a/main/curl/CVE-2017-7407.patch
+++ /dev/null
@@ -1,110 +0,0 @@
-From 1890d59905414ab84a35892b2e45833654aa5c13 Mon Sep 17 00:00:00 2001
-From: Dan Fandrich <dan@coneharvesters.com>
-Date: Sat, 11 Mar 2017 10:59:34 +0100
-Subject: [PATCH] tool_writeout: fixed a buffer read overrun on --write-out
-
-If a % ended the statement, the string's trailing NUL would be skipped
-and memory past the end of the buffer would be accessed and potentially
-displayed as part of the --write-out output. Added tests 1440 and 1441
-to check for this kind of condition.
-
-Reported-by: Brian Carpenter
----
- src/tool_writeout.c | 2 +-
- tests/data/Makefile.inc | 2 +-
- tests/data/test1440 | 31 +++++++++++++++++++++++++++++++
- tests/data/test1441 | 31 +++++++++++++++++++++++++++++++
- 4 files changed, 64 insertions(+), 2 deletions(-)
- create mode 100644 tests/data/test1440
- create mode 100644 tests/data/test1441
-
---- a/src/tool_writeout.c
-+++ b/src/tool_writeout.c
-@@ -113,7 +113,7 @@
- double doubleinfo;
-
- while(ptr && *ptr) {
-- if('%' == *ptr) {
-+ if('%' == *ptr && ptr[1]) {
- if('%' == ptr[1]) {
- /* an escaped %-letter */
- fputc('%', stream);
---- a/tests/data/Makefile.inc
-+++ b/tests/data/Makefile.inc
-@@ -150,7 +150,7 @@
- test1416 test1417 test1418 test1419 test1420 test1421 test1422 test1423 \
- test1424 \
- test1428 test1429 test1430 test1431 test1432 test1433 test1434 test1435 \
--test1436 test1437 test1438 test1439 \
-+test1436 test1437 test1438 test1439 test1440 test1441 \
- \
- test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
- test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
---- /dev/null
-+++ b/tests/data/test1440
-@@ -0,0 +1,31 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing %{
-+</name>
-+<command>
-+file://localhost/%PWD/log/ --write-out '%{'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<stdout nonewline="yes">
-+%{
-+</stdout>
-+</verify>
-+</testcase>
---- /dev/null
-+++ b/tests/data/test1441
-@@ -0,0 +1,31 @@
-+<testcase>
-+<info>
-+<keywords>
-+--write-out
-+</keywords>
-+</info>
-+# Server-side
-+<reply>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+file
-+</server>
-+
-+<name>
-+Check --write-out with trailing %
-+</name>
-+<command>
-+file://localhost/%PWD/log/ --write-out '%'
-+</command>
-+</client>
-+
-+# Verify data
-+<verify>
-+<stdout nonewline="yes">
-+%
-+</stdout>
-+</verify>
-+</testcase> |