]> granicus.if.org Git - curl/commit
projects / curl / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 358b2b1) | patch
glob: do not continue parsing after a strtoul() overflow range
authorDaniel Stenberg <daniel@haxx.se>
Tue, 1 Aug 2017 15:16:07 +0000 (17:16 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Mon, 7 Aug 2017 07:24:30 +0000 (09:24 +0200)
commit453e7a7a03a2cec749abd3878a48e728c515cca7
tree79b607daa5b3e4aa8175becf49a849c491fbc746tree | snapshot
parent358b2b131ad6c095696f20dcfa62b8305263f898commit | diff
glob: do not continue parsing after a strtoul() overflow range

Added test 1289 to verify.

CVE-2017-1000101

Bug: https://curl.haxx.se/docs/adv_20170809A.html
Reported-by: Brian Carpenter
src/tool_urlglob.c diff | blob | history
tests/data/Makefile.inc diff | blob | history
tests/data/test1289 [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.