Fix 'CVE-2017-1000254'

Merge: curl/curl@5ff2c5ff25
Kawe Mazidjatari 2023-06-12 19:30:53 +02:00
parent e6cb575586
commit c6ee89d1a4


@ -2825,6 +2825,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
const size_t buf_size = CURL_BUFSIZE(data->set.buffer_size);
char *dir;
char *store;
bool entry_extracted = FALSE;
dir = malloc(nread + 1);
if(!dir)
@ -2856,7 +2857,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
}
else {
/* end of path */
*store = '\0'; /* zero terminate */
entry_extracted = TRUE;
break; /* get out of this loop */
}
}
@ -2866,6 +2867,10 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
ptr++;
}
*store = '\0'; /* zero terminate */
}
if (entry_extracted) {
/* If the path name does not look like an absolute path (i.e.: it
does not start with a '/'), we probably need some server-dependent
adjustments. For example, this is the case when connecting to