LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File curl-7.37-CVE-2017-7407.patch of Package curl (Project home:mge1512:aide-static)

From 6019f1795b4e3b72507b84b0e02dc8c32024f562 Mon Sep 17 00:00:00 2001
From: Dan Fandrich <dan@coneharvesters.com>
Date: Sat, 11 Mar 2017 10:59:34 +0100
Subject: [PATCH] CVE-2017-7407: fixed

Bug: https://curl.haxx.se/docs/adv_20170403.html

Reported-by: Brian Carpenter
---
 src/tool_writeout.c     |  6 +++---
 tests/data/Makefile.inc |  2 +-
 tests/data/test1440     | 31 +++++++++++++++++++++++++++++++
 tests/data/test1441     | 31 +++++++++++++++++++++++++++++++
 tests/data/test1442     | 35 +++++++++++++++++++++++++++++++++++
 5 files changed, 101 insertions(+), 4 deletions(-)
 create mode 100644 tests/data/test1440
 create mode 100644 tests/data/test1441
 create mode 100644 tests/data/test1442

Index: curl-7.37.0/src/tool_writeout.c
===================================================================
--- curl-7.37.0.orig/src/tool_writeout.c
+++ curl-7.37.0/src/tool_writeout.c
@@ -108,7 +108,7 @@ void ourWriteOut(CURL *curl, struct OutS
   double doubleinfo;
 
   while(ptr && *ptr) {
-    if('%' == *ptr) {
+    if('%' == *ptr && ptr[1]) {
       if('%' == ptr[1]) {
         /* an escaped %-letter */
         fputc('%', stream);
@@ -299,7 +299,7 @@ void ourWriteOut(CURL *curl, struct OutS
         }
       }
     }
-    else if('\\' == *ptr) {
+    else if('\\' == *ptr && ptr[1]) {
       switch(ptr[1]) {
       case 'r':
         fputc('\r', stream);
Index: curl-7.37.0/tests/data/test1440
===================================================================
--- /dev/null
+++ curl-7.37.0/tests/data/test1440
@@ -0,0 +1,31 @@
+<testcase>
+<info>
+<keywords>
+--write-out
+</keywords>
+</info>
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+
+<name>
+Check --write-out with trailing %{
+</name>
+<command>
+file://localhost/%PWD/log/ --write-out '%{'
+</command>
+</client>
+
+# Verify data
+<verify>
+<stdout nonewline="yes">
+%{
+</stdout>
+</verify>
+</testcase>
Index: curl-7.37.0/tests/data/test1441
===================================================================
--- /dev/null
+++ curl-7.37.0/tests/data/test1441
@@ -0,0 +1,31 @@
+<testcase>
+<info>
+<keywords>
+--write-out
+</keywords>
+</info>
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+
+<name>
+Check --write-out with trailing %
+</name>
+<command>
+file://localhost/%PWD/log/ --write-out '%'
+</command>
+</client>
+
+# Verify data
+<verify>
+<stdout nonewline="yes">
+%
+</stdout>
+</verify>
+</testcase>
Index: curl-7.37.0/tests/data/test1442
===================================================================
--- /dev/null
+++ curl-7.37.0/tests/data/test1442
@@ -0,0 +1,35 @@
+<testcase>
+<info>
+<keywords>
+--write-out
+FILE
+</keywords>
+</info>
+# Server-side
+<reply>
+</reply>
+
+# Client-side
+<client>
+<server>
+file
+</server>
+
+<name>
+Check --write-out with trailing \
+</name>
+<command>
+file://localhost/%PWD/log/non-existent-file.txt --write-out '\'
+</command>
+</client>
+
+# Verify data
+<verify>
+<errorcode>
+37
+</errorcode>
+<stdout nonewline="yes">
+\
+</stdout>
+</verify>
+</testcase>
Index: curl-7.37.0/tests/data/Makefile.am
===================================================================
--- curl-7.37.0.orig/tests/data/Makefile.am
+++ curl-7.37.0/tests/data/Makefile.am
@@ -125,6 +125,7 @@ test1408 test1409 test1410 test1411 test
 test1416 test1417 test1418 test1419 \
 \
 test1428 \
+test1440 test1441 test1442 \
 \
 test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
 test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \
Index: curl-7.37.0/tests/data/Makefile.in
===================================================================
--- curl-7.37.0.orig/tests/data/Makefile.in
+++ curl-7.37.0/tests/data/Makefile.in
@@ -433,6 +433,7 @@ test1408 test1409 test1410 test1411 test
 test1416 test1417 test1418 test1419 \
 \
 test1428 \
+test1440 test1441 test1442 \
 \
 test1500 test1501 test1502 test1503 test1504 test1505 test1506 test1507 \
 test1508 test1509 test1510 test1511 test1512 test1513 test1514 test1515 \