File curl-CVE-2022-27775.patch of Package curl.25570
From 46091487fbdb37ffbe9c495de86c62d14634b71a Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 21 Apr 2022 12:30:34 +0200
Subject: [PATCH] conncache: include the zone id in the "bundle" hashkey
Make connections to two separate IPv6 zone ids create separate
connections.
Reported-by: Harry Sintonen
Bug: https://curl.se/docs/CVE-2022-27775.html
---
lib/conncache.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
Index: curl-7.66.0/lib/conncache.c
===================================================================
--- curl-7.66.0.orig/lib/conncache.c
+++ curl-7.66.0/lib/conncache.c
@@ -180,8 +180,12 @@ static void hashkey(struct connectdata *
/* report back which name we used */
*hostp = hostname;
- /* put the number first so that the hostname gets cut off if too long */
- msnprintf(buf, len, "%ld%s", port, hostname);
+ /* put the numbers first so that the hostname gets cut off if too long */
+#ifdef ENABLE_IPV6
+ msnprintf(buf, len, "%u/%ld/%s", conn->scope_id, port, hostname);
+#else
+ msnprintf(buf, len, "%ld/%s", port, hostname);
+#endif
}
void Curl_conncache_unlock(struct Curl_easy *data)