git.ipfire.org Git - thirdparty/curl.git/commit

]> git.ipfire.org Git - thirdparty/curl.git/commit

projects / thirdparty / curl.git / commit

author	Daniel Stenberg <daniel@haxx.se>
	Sun, 21 Sep 2025 09:07:31 +0000 (11:07 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Sun, 21 Sep 2025 21:01:01 +0000 (23:01 +0200)
commit	c4f9977c66bbb05a837a7eb03004dd79c3cc9b44
tree	5aaa48bc6d258b4748fc5d806586b8b3acc8570e	tree \| snapshot
parent	a72e1552f224f3785d8aafc9819cd4ad0821c01d	commit \| diff

tftp: pin the first used address

Store the used remote address on the first receive call and then make
sure that it remains the same address on subsequent calls to reduce the
risk of tampering. Doesn't make the transfer secure because it is still
unauthenticated and clear text.

Reported in Joshua's sarif data

Closes #18658

lib/tftp.c

diff | blob | blame | history

Mirror of https://github.com/curl/curl.git

RSS Atom