mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2024-11-27 05:50:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

url: Fixed missing length check in parse_proxy()

Browse Source 
Commit 11332577b3 removed the length check that was performed by the
old scanf() code.
This commit is contained in:
Steve Holme 2013-04-21 18:29:33 +01:00
parent 416ecc1584
commit ddac43b38e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/url.c
View File

@ -4208,7 +4208,7 @@ static CURLcode parse_proxy(struct SessionHandle *data,
username or password with reserved characters like ':' in username or password with reserved characters like ':' in
them. */ them. */
Curl_safefree(conn->proxyuser); Curl_safefree(conn->proxyuser);
if(proxyuser) if(proxyuser && strlen(proxyuser) < MAX_CURL_USER_LENGTH)
conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL); conn->proxyuser = curl_easy_unescape(data, proxyuser, 0, NULL);
else else
conn->proxyuser = strdup(""); conn->proxyuser = strdup("");
@ -4217,7 +4217,7 @@ static CURLcode parse_proxy(struct SessionHandle *data,
res = CURLE_OUT_OF_MEMORY; res = CURLE_OUT_OF_MEMORY;
else { else {
Curl_safefree(conn->proxypasswd); Curl_safefree(conn->proxypasswd);
if(proxypasswd) if(proxypasswd && strlen(proxypasswd) < MAX_CURL_PASSWORD_LENGTH)
conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL); conn->proxypasswd = curl_easy_unescape(data, proxypasswd, 0, NULL);
else else
conn->proxypasswd = strdup(""); conn->proxypasswd = strdup("");