]> git.ipfire.org Git - thirdparty/curl.git/commit
projects / thirdparty / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 364f174) | patch
ftp,imap,pop3,smtp: reject STARTTLS server response pipelining
authorPatrick Monnerat <patrick@monnerat.net>
Tue, 7 Sep 2021 11:26:42 +0000 (13:26 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Mon, 13 Sep 2021 14:51:31 +0000 (16:51 +0200)
commit8ef147c43646e91fdaad5d0e7b60351f842e5c68
tree61bc65da37b6c6e56a161c3ce841d15a4cc8b786tree | snapshot
parent364f174724ef115c63d5e5dc1d3342c8a43b1ccacommit | diff
ftp,imap,pop3,smtp: reject STARTTLS server response pipelining

If a server pipelines future responses within the STARTTLS response, the
former are preserved in the pingpong cache across TLS negotiation and
used as responses to the encrypted commands.

This fix detects pipelined STARTTLS responses and rejects them with an
error.

CVE-2021-22947

Bug: https://curl.se/docs/CVE-2021-22947.html
lib/ftp.c diff | blob | blame | history
lib/imap.c diff | blob | blame | history
lib/pop3.c diff | blob | blame | history
lib/smtp.c diff | blob | blame | history
tests/data/Makefile.inc diff | blob | blame | history
tests/data/test980 [new file with mode: 0644] blob
tests/data/test981 [new file with mode: 0644] blob
tests/data/test982 [new file with mode: 0644] blob
tests/data/test983 [new file with mode: 0644] blob
Mirror of https://github.com/curl/curl.git