From 4a3ed6fc16f9fb37a91c1bc149ca213e5b942e1b Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 29 Aug 2025 23:25:50 +0200 Subject: [PATCH] urlglob: only accept 255 globs - using {} with single entries makes little sense - when using {} sets with two entry lists, there can only be 64 to reach maximum number of URLs Verify the max check in test 761 --- src/tool_urlglob.c | 9 ++++++--- tests/data/Makefile.am | 2 +- tests/data/test761 | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 40 insertions(+), 4 deletions(-) create mode 100644 tests/data/test761 diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c index 9e7ee8c767..ac836dcdff 100644 --- a/src/tool_urlglob.c +++ b/src/tool_urlglob.c @@ -423,10 +423,13 @@ static CURLcode glob_parse(struct URLGlob *glob, const char *pattern, if(++glob->size >= glob->palloc) { struct URLPattern *np = NULL; glob->palloc *= 2; - if(glob->size < 10000) /* avoid ridiculous amounts */ + if(glob->size < 255) { /* avoid ridiculous amounts */ np = realloc(glob->pattern, glob->palloc * sizeof(struct URLPattern)); - if(!np) - return globerror(glob, NULL, pos, CURLE_OUT_OF_MEMORY); + if(!np) + return globerror(glob, NULL, pos, CURLE_OUT_OF_MEMORY); + } + else + return globerror(glob, "too many {} sets", pos, CURLE_URL_MALFORMAT); glob->pattern = np; } } diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index d0696da3de..f8470c554a 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -108,7 +108,7 @@ test718 test719 test720 test721 test722 test723 test724 test725 test726 \ test727 test728 test729 test730 test731 test732 test733 test734 test735 \ test736 test737 test738 test739 test740 test741 test742 test743 test744 \ test745 test746 test747 test748 test749 test750 test751 test752 test753 \ -test754 test755 test756 test757 test758 test759 test760 \ +test754 test755 test756 test757 test758 test759 test760 test761 \ test780 test781 test782 test783 test784 test785 test786 test787 test788 \ test789 test790 test791 test792 test793 test794 test795 test796 test797 \ \ diff --git a/tests/data/test761 b/tests/data/test761 new file mode 100644 index 0000000000..55005c4629 --- /dev/null +++ b/tests/data/test761 @@ -0,0 +1,33 @@ + + + +globbing + + + +# +# Client-side + + +none + + +too many {} globs + + +http://testingthis/{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b + + + +# +# Verify data after the test has been "shot" + + +3 + + +curl: (3) too many {} sets in URL position 403: +http://testingthis/{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a}b{a + + + -- 2.47.3