File curl-CVE-2020-8177.patch of Package curl.25399
From 3b884d1cc588c6cfede9d2f124d43c93e93226e8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 31 May 2020 23:09:59 +0200
Subject: [PATCH] tool_getparam: -i is not OK if -J is used
Reported-by: sn on hackerone
Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
---
src/tool_cb_hdr.c | 22 ++++------------------
src/tool_getparam.c | 5 +++++
2 files changed, 9 insertions(+), 18 deletions(-)
Index: curl-7.60.0/src/tool_cb_hdr.c
===================================================================
--- curl-7.60.0.orig/src/tool_cb_hdr.c
+++ curl-7.60.0/src/tool_cb_hdr.c
@@ -119,6 +119,11 @@ size_t tool_header_cb(char *ptr, size_t
len = (ssize_t)cb - (p - str);
filename = parse_filename(p, len);
if(filename) {
+ if(outs->stream) {
+ /* indication of problem, get out! */
+ free(filename);
+ return failure;
+ }
outs->filename = filename;
outs->alloc_filename = TRUE;
outs->is_cd_filename = TRUE;
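Review bot: The comment `/* indication of problem, get out! */` on the new `if(outs->stream)` branch does not say what the problem is, so a later maintainer cannot tell why an already-open stream is fatal here. Presumably an open stream means output was started before the Content-Disposition name was parsed, and adopting the server-supplied name at that point is what the referenced advisory is about; I would say so, e.g. `/* output already started before the Content-Disposition name arrived; never switch to a server-chosen filename now */`. The diffstat in the header lists 18 deletions for this file while this hunk contains none, so the backport appears to differ from the original commit. It is worth confirming that no other path in this version still handles an open stream together with `is_cd_filename`. tool_header_cb begins and ends outside the hunk.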
Index: curl-7.60.0/src/tool_getparam.c
===================================================================
--- curl-7.60.0.orig/src/tool_getparam.c
+++ curl-7.60.0/src/tool_getparam.c
@@ -1722,6 +1722,11 @@ ParameterError getparameter(const char *
}
break;
case 'i':
+ if(config->content_disposition) {
+ warnf(global,
+ "--include and --remote-header-name cannot be combined.\n");
+ return PARAM_BAD_USE;
+ }
config->include_headers = toggle; /* include the headers as well in the
general output stream */
break;
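Review bot: The new guard in `case 'i'` only fires when `config->content_disposition` is already set, so it rejects `-J` followed by `-i` but depends on a matching test of `config->include_headers` in the `-J` handler for the opposite order. That handler is outside this hunk and should be confirmed, including for options read from a config file. The guard also ignores `toggle`, so `--no-include` after `-J` is refused even though it would only clear the flag; `if(toggle && config->content_disposition) {` keeps the restriction to the combination that matters. A one-line comment such as `/* -i with -J would write headers before the server-provided name is known */` would record why the two options conflict.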