mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-12-15 06:40:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

urlapi: reject percent-decoding host name into separator bytes

Browse Source 
CVE-2022-27780

Reported-by: Axel Chong
Bug: https://curl.se/docs/CVE-2022-27780.html
Closes #8826
This commit is contained in:
Daniel Stenberg 2022-05-09 08:19:38 +02:00
parent 5c7da89d40
commit 914aaab915
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/urlapi.c
View File

@ -678,8 +678,8 @@ static CURLUcode hostname_check(struct Curl_URL *u, char *hostname)
#endif
}
else {
/* letters from the second string is not ok */
len = strcspn(hostname, " \r\n");
/* letters from the second string are not ok */
len = strcspn(hostname, " \r\n\t/:#?!@");
if(hlen != len)
/* hostname with bad content */
return CURLUE_BAD_HOSTNAME;