From da9494eef043aca89ebdb5e4e14fcceef52c98e7 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 15 Apr 2025 17:27:47 +0200 Subject: [PATCH] tool_getparam: clear argument only when needed Test 699 verifies Reported-by: bsr13 on hackerone Closes #17112 --- src/tool_getparam.c | 6 +++-- tests/data/Makefile.am | 3 +-- tests/data/test699 | 57 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 62 insertions(+), 4 deletions(-) create mode 100644 tests/data/test699 diff --git a/src/tool_getparam.c b/src/tool_getparam.c index a55973a60a..e64239e5fa 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -1785,7 +1785,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ nextarg = &parse[1]; /* this is the actual extra parameter */ singleopt = TRUE; /* do not loop anymore after this */ #ifdef HAVE_WRITABLE_ARGV - clearthis = &cleararg1[parse + 2 - flag]; + if(cleararg1) + clearthis = &cleararg1[parse + 2 - flag]; #endif } else if(!nextarg) { @@ -1794,7 +1795,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ } else { #ifdef HAVE_WRITABLE_ARGV - clearthis = cleararg2; + if(cleararg2) + clearthis = cleararg2; #endif *usedarg = TRUE; /* mark it as used */ } diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index 8d83f11ed0..5936494fa3 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -101,8 +101,7 @@ test654 test655 test656 test658 test659 test660 test661 test662 test663 \ test664 test665 test666 test667 test668 test669 test670 test671 test672 \ test673 test674 test675 test676 test677 test678 test679 test680 test681 \ test682 test683 test684 test685 test686 test687 test688 test689 test690 \ -test691 test692 test693 test694 test695 test696 test697 test698 \ -\ +test691 test692 test693 test694 test695 test696 test697 test698 test699 \ test700 test701 test702 test703 test704 test705 test706 test707 test708 \ test709 test710 test711 test712 test713 test714 test715 test716 test717 \ test718 test719 test720 test721 test722 test723 test724 test725 test726 \ diff --git a/tests/data/test699 b/tests/data/test699 new file mode 100644 index 0000000000..4d1a2d9ddd --- /dev/null +++ b/tests/data/test699 @@ -0,0 +1,57 @@ + + + +HTTP +--config + + + +# +# Server-side + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT +ETag: "21025-dc7-39462498" +Accept-Ranges: bytes +Content-Length: 6 +Connection: close +Content-Type: text/html +Funny-head: yesyes + +-foo- + + + +# +# Client-side + + +http + + +--config with single-letter options plus one that is cleared + + +-Lfuhej:you + + +http://%HOSTIP:%HTTPPORT/%TESTNUMBER -K %LOGDIR/cmd + + + +# +# Verify data after the test has been "shot" + + +GET /%TESTNUMBER HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Authorization: Basic aGVqOnlvdQ== +User-Agent: curl/%VERSION +Accept: */* + + + + -- 2.47.2