You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
974 B
32 lines
974 B
From 55a27027d5f024a0ecc2c23c81ed99de6192c9f3 Mon Sep 17 00:00:00 2001
|
|
From: Daniel Stenberg <daniel@haxx.se>
|
|
Date: Fri, 3 May 2019 22:20:37 +0200
|
|
Subject: [PATCH] tftp: use the current blksize for recvfrom()
|
|
|
|
bug: https://curl.haxx.se/docs/CVE-2019-5436.html
|
|
Reported-by: l00p3r on hackerone
|
|
CVE-2019-5436
|
|
|
|
Upstream-commit: 2576003415625d7b5f0e390902f8097830b82275
|
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
---
|
|
lib/tftp.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/tftp.c b/lib/tftp.c
|
|
index 269b3cd..4f2a131 100644
|
|
--- a/lib/tftp.c
|
|
+++ b/lib/tftp.c
|
|
@@ -1005,7 +1005,7 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done)
|
|
state->sockfd = state->conn->sock[FIRSTSOCKET];
|
|
state->state = TFTP_STATE_START;
|
|
state->error = TFTP_ERR_NONE;
|
|
- state->blksize = TFTP_BLKSIZE_DEFAULT;
|
|
+ state->blksize = blksize;
|
|
state->requested_blksize = blksize;
|
|
|
|
((struct sockaddr *)&state->local_addr)->sa_family =
|
|
--
|
|
2.20.1
|
|
|