[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 40/116: url: fix CURLOPT_POSTFIELDSIZE arg value ch
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 40/116: url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1 |
Date: |
Tue, 05 Dec 2017 14:51:10 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit b8bd6dc110fbcae20e0902bead097a40ed88e01a
Author: Jay Satiro <address@hidden>
AuthorDate: Wed Nov 1 02:11:30 2017 -0400
url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1
.. also add same arg value check to CURLOPT_POSTFIELDSIZE_LARGE.
Prior to this change since f121575 (7.56.1+) CURLOPT_POSTFIELDSIZE
erroneously rejected -1 value with CURLE_BAD_FUNCTION_ARGUMENT.
Bug: https://curl.haxx.se/mail/lib-2017-11/0000.html
Reported-by: Andrew Lambert
---
lib/url.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index 5a11e423b..dec402c1d 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1143,7 +1143,7 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* figure it out. Enables binary posts.
*/
bigsize = va_arg(param, long);
- if(bigsize < 0)
+ if(bigsize < -1)
return CURLE_BAD_FUNCTION_ARGUMENT;
if(data->set.postfieldsize < bigsize &&
@@ -1162,6 +1162,8 @@ CURLcode Curl_setopt(struct Curl_easy *data, CURLoption
option,
* figure it out. Enables binary posts.
*/
bigsize = va_arg(param, curl_off_t);
+ if(bigsize < -1)
+ return CURLE_BAD_FUNCTION_ARGUMENT;
if(data->set.postfieldsize < bigsize &&
data->set.postfields == data->set.str[STRING_COPYPOSTFIELDS]) {
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 98/116: connect: improve the bind error message, (continued)
- [GNUnet-SVN] [gnurl] 98/116: connect: improve the bind error message, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 99/116: RELEASE-NOTES: synced with 31f18d272, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 108/116: wildcardmatch: fix heap buffer overflow in setcharset, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 85/116: resolve: allow IP address within [] brackets, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 71/116: cmake: Correctly include curl.rc in Windows builds (#2064), gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 50/116: ntlm: avoid malloc(0) for zero length passwords, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 91/116: openssl: fix "Value stored to 'rc' is never read" scan-build error, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 57/116: src/Makefile.m32: fix typo in brotli lib customization, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 81/116: RELEASE-NOTES: synced with ae7369b6d, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 60/116: content_encoding: do not write 0 length data, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 40/116: url: fix CURLOPT_POSTFIELDSIZE arg value check to allow -1,
gnunet <=
- [GNUnet-SVN] [gnurl] 86/116: examples/curlx: Fix code style, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 65/116: share: add support for sharing the connection cache, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 25/116: auth: add support for RFC7616 - HTTP Digest access authentication, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 87/116: BUGS: spellchecked, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 76/116: connect.c: remove executable bit on file, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 89/116: Curl_llist_remove: fix potential NULL pointer deref, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 82/116: TODO: ignore private IP addresses in PASV response, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 80/116: URL: return error on malformed URLs with junk after IPv6 bracket, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 97/116: examples/rtsp: clear RANGE again after use, gnunet, 2017/12/05
- [GNUnet-SVN] [gnurl] 73/116: cmake: Add missing setmode check, gnunet, 2017/12/05