mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-01-24 14:15:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

url: reject URLs with hostnames longer than 65535 bytes

Browse Source 
It *probably* causes other problems too since DNS can't resolve such
long names, but the SNI field in TLS is limited to 16 bits length.

Closes #9317
This commit is contained in:
Daniel Stenberg 2022-08-15 09:17:24 +02:00
parent 20d083572a
commit 657101ec0c
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/url.c
View File

@ -2025,6 +2025,10 @@ static CURLcode parseurlandfillconn(struct Curl_easy *data,
if(!strcasecompare("file", data->state.up.scheme))
return CURLE_OUT_OF_MEMORY;
}
else if(strlen(data->state.up.hostname) > 0xffff) {
failf(data, "Too long host name");
return CURLE_URL_MALFORMAT;
}
#ifndef CURL_DISABLE_HSTS
if(data->hsts && strcasecompare("http", data->state.up.scheme)) {