headers: handle unfold of space-cleansed headers

Detected by OSS-fuzz

Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47767

Updated test 1274

Closes #8947
Daniel Stenberg 2022-06-01 14:04:17 +02:00
parent 45de940ceb
commit f810047f9d
GPG Key ID: 5CC908FDB71E12C2
2 changed files with 5 additions and 3 deletions


@ -227,8 +227,8 @@ static CURLcode unfold_value(struct Curl_easy *data, const char *value,
DEBUGASSERT(data->state.prevhead); DEBUGASSERT(data->state.prevhead);
hs = data->state.prevhead; hs = data->state.prevhead;
olen = strlen(hs->value); olen = strlen(hs->value);
oalloc = olen + strlen(hs->name) + 1;
offset = hs->value - hs->buffer; offset = hs->value - hs->buffer;
oalloc = olen + offset + 1;
/* skip all trailing space letters */ /* skip all trailing space letters */
while(vlen && ISSPACE(value[vlen - 1])) while(vlen && ISSPACE(value[vlen - 1]))
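Review bot: The new `oalloc = olen + offset + 1;` is only correct if `hs->value` points into `hs->buffer` at or after its start, and nothing at this site states that invariant or explains why the offset replaces `strlen(hs->name)`. `oalloc` presumably sizes the reallocation further down, so a result that is too small would become a heap overwrite; I would add `DEBUGASSERT(hs->value >= hs->buffer);` before the subtraction. A short comment would also help, for example `/* the value's offset in the buffer also counts the separator and any skipped blanks, which strlen(name) does not */`, to be confirmed against how the name and value are split. unfold_value starts above and continues below this hunk, so the declared type of `offset` and the later use of `oalloc` cannot be checked from here.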


@ -19,7 +19,8 @@ Server: test-server/
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
ETag: "21025-dc7-39462498" ETag: "21025-dc7-39462498"
Content-Length: 6 Content-Length: 6
Connection: close Connection:
close
-foo- -foo-
</data> </data>
@ -58,7 +59,8 @@ Server: test-server/
Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
ETag: "21025-dc7-39462498" ETag: "21025-dc7-39462498"
Content-Length: 6 Content-Length: 6
Connection: close Connection:
close
</file> </file>
</verify> </verify>