search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bump version
[buildroot.git] / package / curl / curl-7.13.1-cve-2005-4077.patch
blob8960ea79ac4e5d32c0144af803f6b7eb12d9c698
1 --- curl-7.13.1/lib/url.c.cve-2005-4077 2005-12-08 13:08:03.000000000 +0100
2 +++ curl-7.13.1/lib/url.c 2005-12-08 13:15:56.565790336 +0100
3 @@ -2313,12 +2313,18 @@
4 if(urllen < LEAST_PATH_ALLOC)
5 urllen=LEAST_PATH_ALLOC;
6
7 - conn->pathbuffer=(char *)malloc(urllen);
8 + /*
9 + * We malloc() the buffers below urllen+2 to make room for to possibilities:
10 + * 1 - an extra terminating zero
11 + * 2 - an extra slash (in case a syntax like "www.host.com?moo" is used)
12 + */
13 +
14 + conn->pathbuffer=(char *)malloc(urllen+3);
15 if(NULL == conn->pathbuffer)
16 return CURLE_OUT_OF_MEMORY; /* really bad error */
17 conn->path = conn->pathbuffer;
18
19 - conn->host.rawalloc=(char *)malloc(urllen);
20 + conn->host.rawalloc=(char *)malloc(urllen+3);
21 if(NULL == conn->host.rawalloc)
22 return CURLE_OUT_OF_MEMORY;
23 conn->host.name = conn->host.rawalloc;
uClibc cross-compilers and rootfs