mirror/curl
2
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2025-01-24 14:15:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
8e762199b0
curl/lib/vauth
History
Major_Tom 8e762199b0
vauth/cleartext: fix theoretical integer overflow 
Fix theoretical integer overflow in Curl_auth_create_plain_message.

The security impact of the overflow was discussed on hackerone. We
agreed this is more of a theoretical vulnerability, as the integer
overflow would only be triggerable on systems using 32-bits size_t with
over 4GB of available memory space for the process.

Closes #5391
2020-05-14 08:36:35 +02:00
..
cleartext.c vauth/cleartext: fix theoretical integer overflow 2020-05-14 08:36:35 +02:00
cram.c
digest_sspi.c *_sspi: fix bad uses of CURLE_NOT_BUILT_IN 2020-05-08 08:37:56 +02:00
digest.c
digest.h
krb5_gssapi.c
krb5_sspi.c *_sspi: fix bad uses of CURLE_NOT_BUILT_IN 2020-05-08 08:37:56 +02:00
ntlm_sspi.c
ntlm.c
ntlm.h
oauth2.c
spnego_gssapi.c
spnego_sspi.c *_sspi: fix bad uses of CURLE_NOT_BUILT_IN 2020-05-08 08:37:56 +02:00
vauth.c
vauth.h