From 6c34f8dc4e7d05054b601a03ec7c21cb11cf9efe Mon Sep 17 00:00:00 2001
From: Kawe Mazidjatari <48657826+Mauler125@users.noreply.github.com>
Date: Mon, 12 Jun 2023 20:17:01 +0200
Subject: [PATCH] Fix 'CVE-2018-1000301'

Merge: curl/curl@8c7b3737d29ed5c0575bf5
---
 r5dev/thirdparty/curl/http.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/r5dev/thirdparty/curl/http.c b/r5dev/thirdparty/curl/http.c
index 1ae60913..7f53fb0d 100644
--- a/r5dev/thirdparty/curl/http.c
+++ b/r5dev/thirdparty/curl/http.c
@@ -2931,6 +2931,8 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
 {
   CURLcode result;
   struct SingleRequest *k = &data->req;
+  ssize_t onread = *nread;
+  char* ostr = k->str;
 
   /* header line within buffer loop */
   do {
@@ -2995,7 +2997,9 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data,
         else {
           /* this was all we read so it's all a bad header */
           k->badheader = HEADER_ALLBAD;
-          *nread = (ssize_t)rest_length;
+          *nread = onread;
+          k->str = ostr;
+          return CURLE_OK;
         }
         break;
       }