File curl-CVE-2022-43551.patch of Package curl.28247

Overview Repositories Revisions Requests Users Attributes Meta

File curl-CVE-2022-43551.patch of Package curl.28247

From 760fa138c776df94cd5d0f836cb07a284fd9ac25 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 21 Nov 2022 11:19:54 +0100
Subject: [PATCH] http: use the IDN decoded name in HSTS checks

Otherwise it stores the info HSTS into the persistent cache for the IDN
name which will not match when the HSTS status is later checked for
using the decoded name.

Reported-by: Hiroki Kurosawa
---
 lib/http.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Index: curl-7.79.1/lib/http.c
===================================================================
--- curl-7.79.1.orig/lib/http.c
+++ curl-7.79.1/lib/http.c
@@ -3686,7 +3686,7 @@ CURLcode Curl_http_header(struct Curl_ea
   else if(data->hsts && checkprefix("Strict-Transport-Security:", headp) &&
           (conn->handler->flags & PROTOPT_SSL)) {
     CURLcode check =
-      Curl_hsts_parse(data->hsts, data->state.up.hostname,
+      Curl_hsts_parse(data->hsts, conn->host.name,
                       headp + strlen("Strict-Transport-Security:"));
     if(check)
       infof(data, "Illegal STS header skipped");

Places

File curl-CVE-2022-43551.patch of Package curl.28247

Places