R5Reloaded/r5sdk
1
0
Fork 0
mirror of https://github.com/Mauler125/r5sdk.git synced 2025-02-09 19:15:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix 'CVE-2017-1000100'

Browse Source 
Merge: curl/curl@358b2b131a
This commit is contained in:
Kawe Mazidjatari 2023-06-12 19:13:50 +02:00
parent 975c40876a
commit 4368210a5c
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
r5dev/thirdparty/curl/tftp.c vendored
View File

@ -490,6 +490,11 @@ static CURLcode tftp_send_first(tftp_state_data_t *state, tftp_event_t event)
if(result)
return result;
if (strlen(filename) > (state->blksize - strlen(mode) - 4)) {
failf(data, "TFTP file name too long\n");
return CURLE_TFTP_ILLEGAL; /* too long file name field */
}
snprintf((char *)state->spacket.data+2,
state->blksize,
"%s%c%s%c", filename, '\0', mode, '\0');