tool_urlglob: check glob use before access

As this function can now be invoked with only the second glob "active",
it must avoid accessing the first one if not in use.

Follow-up to 2238f0921cb00b3395847

Spotted by Codex Security

Closes #21586

diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index dd7a6a9d8ef0d295010e51ba3caad4bf182d8865..ee894d79ddeb0ec9aca1b54ec751f310c0fd2885 100644 (file)
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -716,7 +716,7 @@ CURLcode glob_match_url(char **output, const char *filename,
   while(*filename) {
     CURLcode result = CURLE_OK;
     struct URLPattern *pat = NULL;
-    if(*filename == '#' && ISDIGIT(filename[1])) {
+    if(glob_inuse(glob) && *filename == '#' && ISDIGIT(filename[1])) {
       /* a numbered glob reference */
       const char *ptr = filename++;
       curl_off_t num;