rpms/curl
8
0
Fork 1
Code Issues Pull Requests Releases Activity

Make up incomplete patch for host name wildcard checking

Browse Source 
Resolves: RHEL-5675
This commit is contained in:
Jacek Migacz 2024-12-17 20:29:09 +01:00
parent e0200bae40
commit c2418f1822
2 changed files with 14 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
0031-curl-7.76.1-CVE-2023-28321.patch
View File

@ -41,7 +41,7 @@ index e827dc58f378c..d061c6356f97f 100644
/* /*
* Match a hostname against a wildcard pattern. * Match a hostname against a wildcard pattern.
* E.g. * E.g.
@@ -65,26 +76,27 @@ @@ -65,26 +76,31 @@
static int hostmatch(char *hostname, char *pattern) static int hostmatch(char *hostname, char *pattern)
{ {
@ -73,10 +73,14 @@ index e827dc58f378c..d061c6356f97f 100644
- if(pattern_wildcard == NULL) - if(pattern_wildcard == NULL)
- return strcasecompare(pattern, hostname) ? - return strcasecompare(pattern, hostname) ?
- CURL_HOST_MATCH : CURL_HOST_NOMATCH; - CURL_HOST_MATCH : CURL_HOST_NOMATCH;
+ if(hostname[hostlen-1]=='.') + if(hostname[hostlen-1]=='.') {
+ hostname[hostlen-1] = 0; + hostname[hostlen-1] = 0;
+ if(pattern[patternlen-1]=='.') + hostlen--;
+ }
+ if(pattern[patternlen-1]=='.') {
+ pattern[patternlen-1] = 0; + pattern[patternlen-1] = 0;
+ patternlen--;
+ }
+ +
+ if(strncmp(pattern, "*.", 2)) + if(strncmp(pattern, "*.", 2))
+ return pmatch(hostname, hostlen, pattern, patternlen); + return pmatch(hostname, hostlen, pattern, patternlen);
@ -143,7 +147,7 @@ index 84f962abebee3..f31b2c2a3f330 100644
</keywords> </keywords>
</info> </info>
@@ -15,9 +14,9 @@ none @@ -14,9 +13,9 @@ none
<features> <features>
unittest unittest
</features> </features>
@ -154,7 +158,7 @@ index 84f962abebee3..f31b2c2a3f330 100644
+Curl_cert_hostcheck unit tests +Curl_cert_hostcheck unit tests
+</name> +</name>
</client> </client>
</testcase> </testcase>
diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c diff --git a/tests/unit/unit1397.c b/tests/unit/unit1397.c
index 2f3d3aa4d09e1..3ae75618d5d10 100644 index 2f3d3aa4d09e1..3ae75618d5d10 100644
@ -169,7 +173,7 @@ index 2f3d3aa4d09e1..3ae75618d5d10 100644
static CURLcode unit_setup(void) static CURLcode unit_setup(void)
{ {
return CURLE_OK; return CURLE_OK;
@@ -30,50 +28,93 @@ static CURLcode unit_setup(void) @@ -30,50 +28,91 @@ static CURLcode unit_setup(void)
static void unit_stop(void) static void unit_stop(void)
{ {
@ -280,9 +284,7 @@ index 2f3d3aa4d09e1..3ae75618d5d10 100644
+ int i; + int i;
+ for(i = 0; tests[i].host; i++) { + for(i = 0; tests[i].host; i++) {
+ if(tests[i].match != Curl_cert_hostcheck(tests[i].pattern, + if(tests[i].match != Curl_cert_hostcheck(tests[i].pattern,
+ strlen(tests[i].pattern), + tests[i].host)) {
+ tests[i].host,
+ strlen(tests[i].host))) {
+ fprintf(stderr, + fprintf(stderr,
+ "HOST: %s\n" + "HOST: %s\n"
+ "PTRN: %s\n" + "PTRN: %s\n"

3
curl.spec
View File

@ -586,6 +586,9 @@ rm -f ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
%{_libdir}/libcurl.so.4.[0-9].[0-9].minimal %{_libdir}/libcurl.so.4.[0-9].[0-9].minimal
%changelog %changelog
* Tue Dec 17 2024 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-32
- make up incomplete patch for host name wildcard checking (RHEL-5675)
* Thu Aug 22 2024 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-31 * Thu Aug 22 2024 Jacek Migacz <jmigacz@redhat.com> - 7.76.1-31
- provide common cleanup method for push headers (CVE-2024-2398) - provide common cleanup method for push headers (CVE-2024-2398)