curl_get_line: error out on read errors
authorDaniel Stenberg <daniel@haxx.se>
Tue, 17 Mar 2026 12:55:21 +0000 (13:55 +0100)
committerDaniel Stenberg <daniel@haxx.se>
Tue, 17 Mar 2026 15:14:08 +0000 (16:14 +0100)
Missing ferror handling in Curl_get_line causes infinite loops on I/O
errors, leading to denial-of-service hangs for config/cache file loads.

Follow-up to 769ccb4d4261a75c8a4

Pointed out by Codex Security

Closes #20958

lib/curl_get_line.c

index 85b3525be7b8aec63b3785af020fb5486d5b041c..6fcd043c9370c29f8830962cb369333249c2c7f1 100644 (file)
@@ -40,6 +40,8 @@ CURLcode Curl_get_line(struct dynbuf *buf, FILE *input, bool *eof)
   while(1) {
     size_t rlen;
     const char *b = fgets(buffer, sizeof(buffer), input);
+    if(!b && ferror(input))
+      return CURLE_READ_ERROR;
 
     *eof = feof(input);