[GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle

From:	gnunet
Subject:	[GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle reset
Date:	Thu, 12 Sep 2019 17:26:16 +0200

This is an automated email from the git hooks/post-receive script.

ng0 pushed a commit to branch master
in repository gnurl.

commit 78ed3abe11de0d8fe465dee6d1de0c1b973f4409
Author: Jay Satiro <address@hidden>
AuthorDate: Tue Jul 23 17:59:18 2019 -0400

    easy: resize receive buffer on easy handle reset
    
    - In curl_easy_reset attempt to resize the receive buffer to its default
      size. If realloc fails then continue using the previous size.
    
    Prior to this change curl_easy_reset did not properly handle resetting
    the receive buffer (data->state.buffer). It reset the variable holding
    its size (data->set.buffer_size) to the default size (READBUFFER_SIZE)
    but then did not actually resize the buffer. If a user resized the
    buffer by using CURLOPT_BUFFERSIZE to set the size smaller than the
    default, later called curl_easy_reset and attempted to reuse the handle
    then a heap overflow would very likely occur during that handle's next
    transfer.
    
    Reported-by: Felix Hädicke
    
    Fixes https://github.com/curl/curl/issues/4143
    Closes https://github.com/curl/curl/pull/4145
---
 lib/easy.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/lib/easy.c b/lib/easy.c
index a4fff5b36..616ad28b8 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -942,6 +942,8 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy 
*data)
  */
 void curl_easy_reset(struct Curl_easy *data)
 {
+  long old_buffer_size = data->set.buffer_size;
+
   Curl_free_request_state(data);
 
   /* zero out UserDefined data: */
@@ -965,6 +967,18 @@ void curl_easy_reset(struct Curl_easy *data)
 #if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH)
   Curl_http_auth_cleanup_digest(data);
 #endif
+
+  /* resize receive buffer */
+  if(old_buffer_size != data->set.buffer_size) {
+    char *newbuff = realloc(data->state.buffer, data->set.buffer_size + 1);
+    if(!newbuff) {
+      DEBUGF(fprintf(stderr, "Error: realloc of buffer failed\n"));
+      /* nothing we can do here except use the old size */
+      data->set.buffer_size = old_buffer_size;
+    }
+    else
+      data->state.buffer = newbuff;
+  }
 }
 
 /*

-- 
To stop receiving notification emails like this one, please contact
address@hidden.

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [gnurl] 01/220: source: remove names from source comments, (continued)
- [GNUnet-SVN] [gnurl] 01/220: source: remove names from source comments, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 02/220: bump: start working on 7.66.0, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 08/220: curl: remove dead code, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 06/220: docs/PARALLEL-TRANSFERS: added, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 11/220: tool_operate: fix implicit call to easysrc_cleanup, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 17/220: winbuild: add vquic to list of build directories, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 12/220: multi: call detach_connection before Curl_disconnect, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 13/220: ssh-libssh: do not specify O_APPEND when not in append mode, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 20/220: http2_recv: trigger another read when the last data is returned, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 19/220: curl: avoid uncessary libcurl timeouts (in parallel mode), gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle reset, gnunet <=
- [GNUnet-SVN] [gnurl] 26/220: mailmap: Amit Katyal, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 25/220: asyn-thread: removed unused variable, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 23/220: asyn-thread: create a socketpair to wait on, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 18/220: HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 24/220: RELEASE-NOTES: synced, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 15/220: examples: Avoid reserved names in hiperfifo examples, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 14/220: RELEASE-NOTES: synced, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 21/220: progress: reset download/uploaded counter, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 22/220: curl: cap the maximum allowed values for retry time arguments, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 04/220: docs/MANUAL.md: converted to markdown from plain text, gnunet, 2019/09/12

Prev by Date: [GNUnet-SVN] [gnurl] 19/220: curl: avoid uncessary libcurl timeouts (in parallel mode)
Next by Date: [GNUnet-SVN] [gnurl] 26/220: mailmap: Amit Katyal
Previous by thread: [GNUnet-SVN] [gnurl] 19/220: curl: avoid uncessary libcurl timeouts (in parallel mode)
Next by thread: [GNUnet-SVN] [gnurl] 26/220: mailmap: Amit Katyal
Index(es):
- Date
- Thread