git.ipfire.org Git - thirdparty/curl.git/commit

]> git.ipfire.org Git - thirdparty/curl.git/commit

projects / thirdparty / curl.git / commit

author	Daniel Stenberg <daniel@haxx.se>
	Wed, 7 May 2025 22:21:26 +0000 (00:21 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 8 May 2025 06:17:56 +0000 (08:17 +0200)
commit	40ef77b6dadbd6dbedcd2963fccb817673c430b8
tree	ccb120691a5287b47b9a2352daa54c9ae47cacfa	tree \| snapshot
parent	d689bd915e3fc270a5434e8df57ec0384113907e	commit \| diff

headers: enforce a max number of response header to accept

The limit is 5000 headers in a single transfer. To avoid problems caused
by mistakes or malice.

Add test 747 to verify

Reported-by: wolfsage on hackerone
Closes #17281

lib/headers.c		diff \| blob \| blame \| history
lib/http.h		diff \| blob \| blame \| history
tests/data/Makefile.am		diff \| blob \| blame \| history
tests/data/test498		diff \| blob \| blame \| history
tests/data/test747	[new file with mode: 0644]	blob

Mirror of https://github.com/curl/curl.git

RSS Atom