Skip to content

/ curl

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

curl: fix --local-port integer overflow #3242

Closed
wants to merge 1 commit into from
Closed

curl: fix --local-port integer overflow #3242

wants to merge 1 commit into from

Conversation

@bagder
Copy link
Member

@bagder bagder commented Nov 6, 2018

The tool's local port command line range parser didn't check for integer
overflows and could pass "weird" data to libcurl for this option.
libcurl however, has a strict range check for the values so it rejects
anything outside of the accepted range.

Reported-by: Brian Carpenter
@bagder bagder added the cmdline tool label Nov 6, 2018
@bagder bagder force-pushed the bagder/local-port-overflow branch from 3b0467c to 2909376 Nov 6, 2018
bagder added a commit that referenced this pull request Nov 6, 2018
@bagder
curl: fix --local-port integer overflow
Verified
This commit was signed with a verified signature.
bagder Daniel Stenberg
GPG key ID: 5CC908FDB71E12C2 Learn about signing commits
Loading status checks…
2909376 
The tool's local port command line range parser didn't check for integer
overflows and could pass "weird" data to libcurl for this option.
libcurl however, has a strict range check for the values so it rejects
anything outside of the accepted range.

Reported-by: Brian Carpenter
Closes #3242
@bagder
curl: fix --local-port integer overflow
Verified
This commit was signed with a verified signature.
bagder Daniel Stenberg
GPG key ID: 5CC908FDB71E12C2 Learn about signing commits
Loading status checks…
994d13a 
The tool's local port command line range parser didn't check for integer
overflows and could pass "weird" data to libcurl for this option.
libcurl however, has a strict range check for the values so it rejects
anything outside of the accepted range.

Reported-by: Brian Carpenter
Closes #3242
@bagder bagder force-pushed the bagder/local-port-overflow branch from 2909376 to 994d13a Nov 7, 2018
@bagder bagder closed this in 52db548 Nov 7, 2018
@bagder bagder deleted the bagder/local-port-overflow branch Nov 7, 2018
@lock lock bot locked as resolved and limited conversation to collaborators Feb 5, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
cmdline tool
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

1 participant
@bagder
You can’t perform that action at this time.