projects / platform / upstream / curl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ba96fa3) | patch
smtp: use the upload buffer size for scratch buffer malloc 57/191057/1 tizen
authorDaniel Stenberg <daniel@haxx.se>
Wed, 13 Jun 2018 10:24:40 +0000 (12:24 +0200)
committerNishant Chaprana <n.chaprana@samsung.com>
Thu, 11 Oct 2018 05:40:39 +0000 (11:10 +0530)
commit4e2b7f7351d43b34078d6b213f0bdd1bb2d0efa6
tree4927097b11c82df02376c97f3b29a5da373485f0tree | snapshot
parentba96fa38870e04e258260c48722421692dcc8482commit | diff
smtp: use the upload buffer size for scratch buffer malloc

... not the read buffer size, as that can be set smaller and thus cause
a buffer overflow! CVE-2018-0500

Reported-by: Peter Wu
Bug: https://curl.haxx.se/docs/adv_2018-70a2.html

Backported patch details:-

Link: https://github.com/curl/curl/commit/ba1dbd78e5f1e.patch
Change-Id: I5e6572de38862229fa319ce10c0d571e9e5a3543
Signed-off-by: Nishant Chaprana <n.chaprana@samsung.com>
lib/smtp.c diff | blob | history
Domain: Network & Connectivity / Data Network;