[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle reset |
Date: |
Thu, 12 Sep 2019 17:26:16 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 78ed3abe11de0d8fe465dee6d1de0c1b973f4409
Author: Jay Satiro <address@hidden>
AuthorDate: Tue Jul 23 17:59:18 2019 -0400
easy: resize receive buffer on easy handle reset
- In curl_easy_reset attempt to resize the receive buffer to its default
size. If realloc fails then continue using the previous size.
Prior to this change curl_easy_reset did not properly handle resetting
the receive buffer (data->state.buffer). It reset the variable holding
its size (data->set.buffer_size) to the default size (READBUFFER_SIZE)
but then did not actually resize the buffer. If a user resized the
buffer by using CURLOPT_BUFFERSIZE to set the size smaller than the
default, later called curl_easy_reset and attempted to reuse the handle
then a heap overflow would very likely occur during that handle's next
transfer.
Reported-by: Felix Hädicke
Fixes https://github.com/curl/curl/issues/4143
Closes https://github.com/curl/curl/pull/4145
---
lib/easy.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/lib/easy.c b/lib/easy.c
index a4fff5b36..616ad28b8 100644
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -942,6 +942,8 @@ struct Curl_easy *curl_easy_duphandle(struct Curl_easy
*data)
*/
void curl_easy_reset(struct Curl_easy *data)
{
+ long old_buffer_size = data->set.buffer_size;
+
Curl_free_request_state(data);
/* zero out UserDefined data: */
@@ -965,6 +967,18 @@ void curl_easy_reset(struct Curl_easy *data)
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH)
Curl_http_auth_cleanup_digest(data);
#endif
+
+ /* resize receive buffer */
+ if(old_buffer_size != data->set.buffer_size) {
+ char *newbuff = realloc(data->state.buffer, data->set.buffer_size + 1);
+ if(!newbuff) {
+ DEBUGF(fprintf(stderr, "Error: realloc of buffer failed\n"));
+ /* nothing we can do here except use the old size */
+ data->set.buffer_size = old_buffer_size;
+ }
+ else
+ data->state.buffer = newbuff;
+ }
}
/*
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [GNUnet-SVN] [gnurl] 01/220: source: remove names from source comments, (continued)
- [GNUnet-SVN] [gnurl] 01/220: source: remove names from source comments, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 02/220: bump: start working on 7.66.0, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 08/220: curl: remove dead code, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 06/220: docs/PARALLEL-TRANSFERS: added, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 11/220: tool_operate: fix implicit call to easysrc_cleanup, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 17/220: winbuild: add vquic to list of build directories, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 12/220: multi: call detach_connection before Curl_disconnect, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 13/220: ssh-libssh: do not specify O_APPEND when not in append mode, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 20/220: http2_recv: trigger another read when the last data is returned, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 19/220: curl: avoid uncessary libcurl timeouts (in parallel mode), gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 16/220: easy: resize receive buffer on easy handle reset,
gnunet <=
- [GNUnet-SVN] [gnurl] 26/220: mailmap: Amit Katyal, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 25/220: asyn-thread: removed unused variable, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 23/220: asyn-thread: create a socketpair to wait on, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 18/220: HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 24/220: RELEASE-NOTES: synced, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 15/220: examples: Avoid reserved names in hiperfifo examples, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 14/220: RELEASE-NOTES: synced, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 21/220: progress: reset download/uploaded counter, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 22/220: curl: cap the maximum allowed values for retry time arguments, gnunet, 2019/09/12
- [GNUnet-SVN] [gnurl] 04/220: docs/MANUAL.md: converted to markdown from plain text, gnunet, 2019/09/12