git.ipfire.org Git - thirdparty/curl.git/commit

]> git.ipfire.org Git - thirdparty/curl.git/commit

projects / thirdparty / curl.git / commit

author	Daniel Stenberg <daniel@haxx.se>
	Fri, 20 Apr 2018 14:32:46 +0000 (16:32 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Fri, 20 Apr 2018 20:16:50 +0000 (22:16 +0200)
commit	1514c44655e12e93e453bbc9e1934cf6d30d3817
tree	36493070de0d72c3ee865ed6450cf60390b9fb9f	tree \| snapshot
parent	b0a50227c07654e47598c90fe55cee1c890cc4a4	commit \| diff

http2: avoid strstr() on data not zero terminated

It's not strictly clear if the API contract allows us to call strstr()
on a string that isn't zero terminated even when we know it will find
the substring, and clang's ASAN check dislikes us for it.

Also added a check of the return code in case it fails, even if I can't
think of a situation how that can trigger.

Detected by OSS-Fuzz
Closes #2513
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=7760

lib/http2.c

diff | blob | blame | history

Mirror of https://github.com/curl/curl.git

RSS Atom