[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 241/254: setopt: check CURLOPT_ADDRESS_SCOPE option
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 241/254: setopt: check CURLOPT_ADDRESS_SCOPE option range |
Date: |
Sat, 17 Jun 2017 16:54:33 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.54.1
in repository gnurl.
commit 844896d06416c9fdcacad5159f2a1a1d0293b9e5
Author: Daniel Stenberg <address@hidden>
AuthorDate: Fri Jun 9 01:00:23 2017 +0200
setopt: check CURLOPT_ADDRESS_SCOPE option range
... and return error instead of triggering an assert() when being way
out of range.
---
lib/url.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index b33579c70..84822d9bc 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -2616,7 +2616,10 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* know that an unsigned int will always hold the value so we blindly
* typecast to this type
*/
- data->set.scope_id = curlx_sltoui(va_arg(param, long));
+ arg = va_arg(param, long);
+ if((arg < 0) || (arg > 0xf))
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ data->set.scope_id = curlx_sltoui(arg);
break;
case CURLOPT_PROTOCOLS:
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 205/254: test1537: dedicated tests of the URL (un)escape API calls, (continued)
- [GNUnet-SVN] [gnurl] 205/254: test1537: dedicated tests of the URL (un)escape API calls, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 170/254: time: fix type conversions and compiler warnings, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 245/254: test1521: fixed OOM handling, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 191/254: opts: more than 100 more examples for man pages..., gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 215/254: curl_sasl: fix unused-variable warning, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 207/254: test1538: verify the libcurl strerror API calls, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 184/254: opts: more examples added to man pages, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 229/254: test1121: use stricter types to work with typcheck-gcc, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 177/254: tests: removed some redundant empty <stdout> sections, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 182/254: CURLOPT_PROXY.3: describe the environment variables more, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 241/254: setopt: check CURLOPT_ADDRESS_SCOPE option range,
gnunet <=
- [GNUnet-SVN] [gnurl] 176/254: runtests.pl: removed <precommand> feature, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 199/254: curl-compilers.m4: escape square brackets in regex, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 217/254: libtest: fix implicit-fallthrough warnings with GCC 7, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 188/254: example/externalsocket.c: make it use CLOSESOCKETFUNCTION too, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 250/254: url: fix buffer overwrite with file protocol (CVE-2017-9502), gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 240/254: cmake: Fix inconsistency regarding mbed TLS include directory, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 224/254: curl_ntlm_core: use Curl_raw_toupper instead of toupper, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 233/254: travis: let some builds *not* use --enable-debug, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 227/254: test1521: test *all* curl_easy_setopt options, gnunet, 2017/06/17
- [GNUnet-SVN] [gnurl] 254/254: Patchset for gnURL microfork: * Patches to rename libcurl to libgnurl by Christian * Updated for latest curl using git cherry-pick by Jeff, Florian, ng0 * Patches to fix the testsuite (deleted tests/data/test1139, renamed reference from libcurl.* to libgnurl.*) by ng0 * Added guix-gnurl.scm which can be used to build this with guix prior to installing it. (author: ng0) * Further adjustments by ng0, gnunet, 2017/06/17