curl/tests/data/test1289
Daniel Stenberg 453e7a7a03 glob: do not continue parsing after a strtoul() overflow range
Added test 1289 to verify.

CVE-2017-1000101

Bug: https://curl.haxx.se/docs/adv_20170809A.html
Reported-by: Brian Carpenter
2017-08-07 09:24:30 +02:00

36 lines
422 B
Plaintext

<testcase>
<info>
<keywords>
HTTP
HTTP GET
globbing
</keywords>
</info>
#
# Server-side
<reply>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
globbing with overflow and bad syntxx
</name>
<command>
http://ur%20[0-60000000000000000000
</command>
</client>
# Verify data after the test has been "shot"
<verify>
# curl: (3) [globbing] bad range in column
<errorcode>
3
</errorcode>
</verify>
</testcase>