]> git.ipfire.org Git - thirdparty/curl.git/commit
projects / thirdparty / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eb33ccd) | patch
altsvc: reject bad port numbers
authorDaniel Stenberg <daniel@haxx.se>
Tue, 27 Sep 2022 15:20:23 +0000 (17:20 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Wed, 28 Sep 2022 10:44:37 +0000 (12:44 +0200)
commitac612dfeee95a014bf0a5f31f60ca7cfe9d74a21
tree6d2de212d2ee6241c0182f0d9764440cb4a92c73tree
parenteb33ccd5332435fa50f1758e5debb869c6942b7fcommit | diff
altsvc: reject bad port numbers

The existing code tried but did not properly reject alternative services
using negative or too large port numbers.

With this fix, the logic now also flushes the old entries immediately
before adding a new one, making a following header with an illegal entry
not flush the already stored entry.

Report from the ongoing source code audit by Trail of Bits.

Adjusted test 356 to verify.

Closes #9607
lib/altsvc.c diff | blob | blame | history
tests/data/test356 diff | blob | blame | history
Mirror of https://github.com/curl/curl.git