packages/curl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

backport some patches from community

Browse Source 
(cherry picked from commit 1fed2e6238f25d78d28764e00c3b7220ca356f49)
This commit is contained in:
sherlock2010 2024-06-24 10:51:55 +00:00 committed by openeuler-sync-bot
parent 9df0397b00
commit 4a9714eac4
6 changed files with 256 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
backport-libssh2-set-length-to-0-if-strdup-failed.patch Normal file
View File

@ -0,0 +1,31 @@
From 6f3204820052263f488f86e02c206e1d24c4da2c Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Thu, 28 Mar 2024 00:38:09 +0100
Subject: [PATCH] libssh2: set length to 0 if strdup failed
Internally, libssh2 dereferences the NULL pointer if length is non-zero.
The callback function cannot return the error condition, so at least
prevent subsequent crash.
Closes #13213
Conflict:NA
Reference:https://github.com/curl/curl/commit/6f3204820052263f488f86e02c206e1d24c4da2c
---
lib/vssh/libssh2.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index 3cfbe126c69df3..7d8d5f46571e9f 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -201,7 +201,8 @@ kbd_callback(const char *name, int name_len, const char *instruction,
if(num_prompts == 1) {
struct connectdata *conn = data->conn;
responses[0].text = strdup(conn->passwd);
- responses[0].length = curlx_uztoui(strlen(conn->passwd));
+ responses[0].length =
+ responses[0].text == NULL ? 0 : curlx_uztoui(strlen(conn->passwd));
}
(void)prompts;
} /* kbd_callback */

46
backport-multi-avoid-memory-leak-risk.patch Normal file
View File

@ -0,0 +1,46 @@
From 3572dd65bb233fc2720634804312192e3bdf4adf Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 25 Apr 2024 09:52:51 +0200
Subject: [PATCH] multi: avoid memory-leak risk
'newurl' is allocated in some conditions and used in a few scenarios,
but there were theoretical combinations in which it would not get freed.
Move the free to happen unconditionally. Never triggered by tests, but
spotted by Coverity.
Closes #13471
Conflict:Context adapt
Reference:https://github.com/curl/curl/commit/3572dd65bb233fc2720634804312192e3bdf4adf
---
lib/multi.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/multi.c b/lib/multi.c
index fb98d80639f3b7..7e7590d60f8bcb 100644
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -2530,7 +2530,6 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
multistate(data, MSTATE_CONNECT);
rc = CURLM_CALL_MULTI_PERFORM;
}
- free(newurl);
}
else {
/* after the transfer is done, go DONE */
@@ -2542,7 +2541,6 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
newurl = data->req.location;
data->req.location = NULL;
result = Curl_follow(data, newurl, FOLLOW_FAKE);
- free(newurl);
if(result) {
stream_error = TRUE;
result = multi_done(data, result, TRUE);
@@ -2561,6 +2559,7 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
transfers */
Curl_expire(data, 0, EXPIRE_RUN_NOW);
}
+ free(newurl);
break;
}

35
backport-openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch Normal file
View File

@ -0,0 +1,35 @@
From 56935a7dada6975d5a46aa494de0af195e4e8659 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sat, 30 Mar 2024 11:14:54 +0100
Subject: [PATCH] openldap: create ldap URLs correctly for IPv6 addresses
Reported-by: Sergio Durigan Junior
Fixes #13228
Closes #13235
Conflict:Context adapt
Reference:https://github.com/curl/curl/commit/56935a7dada6975d5a46aa494de0af195e4e8659
---
lib/openldap.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/lib/openldap.c b/lib/openldap.c
index 47266f64e44733..85a37b8186041a 100644
--- a/lib/openldap.c
+++ b/lib/openldap.c
@@ -548,9 +548,12 @@ static CURLcode oldap_connect(struct Curl_easy *data, bool *done)
(void)done;
- hosturl = aprintf("ldap%s://%s:%d",
- conn->handler->flags & PROTOPT_SSL? "s": "",
- conn->host.name, conn->remote_port);
+ hosturl = aprintf("%s://%s%s%s:%d",
+ conn->handler->scheme,
+ conn->bits.ipv6_ip? "[": "",
+ conn->host.name,
+ conn->bits.ipv6_ip? "]": "",
+ conn->remote_port);
if(!hosturl)
return CURLE_OUT_OF_MEMORY;

100
backport-paramhlp-fix-CRLF-stripping-files-with-d-file.patch Normal file
View File

@ -0,0 +1,100 @@
From 923f7f8ce51b7f2f20282883cdafeb283310f3d9 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 6 Mar 2024 15:39:09 +0100
Subject: [PATCH] paramhlp: fix CRLF-stripping files with "-d @file"
All CR and LF bytes should be stripped, as documented, and all other
bytes are inluded in the data. Starting now, it also excludes null bytes
as they would otherwise also cut the data short.
Reported-by: Simon K
Fixes #13063
Closes #13064
Conflict:remove change of docs/cmdline-opts/data.md which is not exist
Reference:https://github.com/curl/curl/commit/923f7f8ce51b7f2f20282883cdafeb283310f3d9
---
src/tool_paramhlp.c | 63 +++++++++++++++++++++++++++++++--------
1 files changed, 51 insertions(+), 12 deletions(-)
diff --git a/src/tool_paramhlp.c b/src/tool_paramhlp.c
index 2725815000dc95..c26f6bbefd775c 100644
--- a/src/tool_paramhlp.c
+++ b/src/tool_paramhlp.c
@@ -63,6 +63,33 @@ struct getout *new_getout(struct OperationConfig *config)
return node;
}
+#define ISCRLF(x) (((x) == '\r') || ((x) == '\n') || ((x) == '\0'))
+
+/* memcrlf() has two modes. Both operate on a given memory area with
+ a specified size.
+
+ countcrlf FALSE - return number of bytes from the start that DO NOT include
+ any CR or LF or NULL
+
+ countcrlf TRUE - return number of bytes from the start that are ONLY CR or
+ LF or NULL.
+
+*/
+static size_t memcrlf(char *orig,
+ bool countcrlf, /* TRUE if we count CRLF, FALSE
+ if we count non-CRLF */
+ size_t max)
+{
+ char *ptr = orig;
+ size_t total = max;
+ for(ptr = orig; max; max--, ptr++) {
+ bool crlf = ISCRLF(*ptr);
+ if(countcrlf ^ crlf)
+ return ptr - orig;
+ }
+ return total; /* no delimiter found */
+}
+
#define MAX_FILE2STRING (256*1024*1024) /* big enough ? */
ParameterError file2string(char **bufp, FILE *file)
@@ -71,18 +98,30 @@ ParameterError file2string(char **bufp, FILE *file)
DEBUGASSERT(MAX_FILE2STRING < INT_MAX); /* needs to fit in an int later */
curlx_dyn_init(&dyn, MAX_FILE2STRING);
if(file) {
- char buffer[256];
-
- while(fgets(buffer, sizeof(buffer), file)) {
- char *ptr = strchr(buffer, '\r');
- if(ptr)
- *ptr = '\0';
- ptr = strchr(buffer, '\n');
- if(ptr)
- *ptr = '\0';
- if(curlx_dyn_add(&dyn, buffer))
- return PARAM_NO_MEM;
- }
+ do {
+ char buffer[4096];
+ char *ptr;
+ size_t nread = fread(buffer, 1, sizeof(buffer), file);
+ if(ferror(file)) {
+ curlx_dyn_free(&dyn);
+ *bufp = NULL;
+ return PARAM_READ_ERROR;
+ }
+ ptr = buffer;
+ while(nread) {
+ size_t nlen = memcrlf(ptr, FALSE, nread);
+ if(curlx_dyn_addn(&dyn, ptr, nlen))
+ return PARAM_NO_MEM;
+ nread -= nlen;
+
+ if(nread) {
+ ptr += nlen;
+ nlen = memcrlf(ptr, TRUE, nread);
+ ptr += nlen;
+ nread -= nlen;
+ }
+ }
+ } while(!feof(file));
}
*bufp = curlx_dyn_ptr(&dyn);
return PARAM_OK;

28
backport-tool_cfgable-free-proxy_-cipher13_list-on-exit.patch Normal file
View File

@ -0,0 +1,28 @@
From 87d14e77b7d59a961eb56500017c0580f89f252b Mon Sep 17 00:00:00 2001
From: Jan Venekamp <1422460+jan2000@users.noreply.github.com>
Date: Sat, 4 May 2024 03:05:51 +0200
Subject: [PATCH] tool_cfgable: free {proxy_}cipher13_list on exit
Author: Jan Venekamp
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Closes: #13531
Conflict:NA
Reference:https://github.com/curl/curl/commit/87d14e77b7d59a961eb56500017c0580f89f252b
---
src/tool_cfgable.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
index bb271583263db3..5564e250d33782 100644
--- a/src/tool_cfgable.c
+++ b/src/tool_cfgable.c
@@ -114,6 +114,8 @@ static void free_config_fields(struct OperationConfig *config)
Curl_safefree(config->doh_url);
Curl_safefree(config->cipher_list);
Curl_safefree(config->proxy_cipher_list);
+ Curl_safefree(config->cipher13_list);
+ Curl_safefree(config->proxy_cipher13_list);
Curl_safefree(config->cert);
Curl_safefree(config->proxy_cert);
Curl_safefree(config->cert_type);

17
curl.spec
View File

@ -7,7 +7,7 @@
Name: curl
Version: 8.4.0
Release: 4
Release: 5
Summary: Curl is used in command lines or scripts to transfer data
License: curl
URL: https://curl.se/
@ -25,6 +25,11 @@ Patch17: backport-CVE-2024-2004.patch
Patch18: backport-CVE-2024-2398.patch
Patch19: backport-tool_cb_rea-limit-rate-unpause-for-T-uploads.patch
#https://github.com/curl/curl/pull/13506
Patch20: backport-paramhlp-fix-CRLF-stripping-files-with-d-file.patch
Patch21: backport-libssh2-set-length-to-0-if-strdup-failed.patch
Patch22: backport-openldap-create-ldap-URLs-correctly-for-IPv6-addresses.patch
Patch23: backport-multi-avoid-memory-leak-risk.patch
Patch24: backport-tool_cfgable-free-proxy_-cipher13_list-on-exit.patch
BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel
BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
@ -210,6 +215,16 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_mandir}/man3/*
%changelog
* Mon Jun 24 2024 zhouyihang <zhouyihang3@h-partners.com> - 8.4.0-5
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:paramhlp: fix CRLF-stripping files with "-d @file"
libssh2: set length to 0 if strdup failed
openldap: create ldap URLs correctly for IPv6 addresses
multi: avoid memory-leak risk
tool_cfgable: free {proxy_}cipher13_list on exit
* Wed Jun 12 2024 zhouyihang <zhouyihang3@h-partners.com> - 8.4.0-4
- Type:bugfix
- CVE:NA