projects
/
platform
/
upstream
/
curl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
33319a4
)
tftp: use the current blksize for recvfrom()
45/211245/1
accepted/tizen/base/20190818.221630
submit/tizen_base/20190812.223828
author
Daniel Stenberg
<daniel@haxx.se>
Fri, 3 May 2019 20:20:37 +0000
(22:20 +0200)
committer
Nishant Chaprana
<n.chaprana@samsung.com>
Wed, 31 Jul 2019 09:21:06 +0000
(14:51 +0530)
bug: https://curl.haxx.se/docs/CVE-2019-5436.html
Reported-by: l00p3r on hackerone
CVE-2019-5436
link:
https://github.com/curl/curl/commit/2576003415625d7b5f0e390902f8097830b82275.patch
Change-Id: Ic6093d1d475ed9ba87e41cff315befdc3aca9c1d
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
lib/tftp.c
patch
|
blob
|
history
diff --git
a/lib/tftp.c
b/lib/tftp.c
index
5b74e8e
..
479e847
100644
(file)
--- a/
lib/tftp.c
+++ b/
lib/tftp.c
@@
-1005,7
+1005,7
@@
static CURLcode tftp_connect(struct connectdata *conn, bool *done)
state->sockfd = state->conn->sock[FIRSTSOCKET];
state->state = TFTP_STATE_START;
state->error = TFTP_ERR_NONE;
- state->blksize =
TFTP_BLKSIZE_DEFAULT
;
+ state->blksize =
blksize
;
state->requested_blksize = blksize;
((struct sockaddr *)&state->local_addr)->sa_family =