git.ipfire.org Git - thirdparty/curl.git/commit

]> git.ipfire.org Git - thirdparty/curl.git/commit

projects / thirdparty / curl.git / commit

author	Daniel Stenberg <daniel@haxx.se>
	Tue, 1 Aug 2017 15:16:46 +0000 (17:16 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Mon, 7 Aug 2017 07:24:30 +0000 (09:24 +0200)
commit	358b2b131ad6c095696f20dcfa62b8305263f898
tree	43a86c450eceed59e6afbb1f5a5751782569d0b0	tree
parent	c9332fa5e84f24da300b42b1a931ade929d3e27d	commit \| diff

tftp: reject file name lengths that don't fit

... and thereby avoid telling send() to send off more bytes than the
size of the buffer!

CVE-2017-1000100

Bug: https://curl.haxx.se/docs/adv_20170809B.html
Reported-by: Even Rouault
Credit to OSS-Fuzz for the discovery

lib/tftp.c

diff | blob | blame | history

Mirror of https://github.com/curl/curl.git

RSS Atom