From ed398dec4b674927df97747e22a6d19ba30c90da Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Fri, 3 Jun 2016 13:27:18 +0200 Subject: [PATCH] Resolves: #1340757 - fix SIGSEGV of the curl tool ... while parsing URL with too many globs --- 0007-curl-7.49.1-urlglob.patch | 35 ++++++++++++++++++++++++++++++++++ curl.spec | 9 ++++++++- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 0007-curl-7.49.1-urlglob.patch diff --git a/0007-curl-7.49.1-urlglob.patch b/0007-curl-7.49.1-urlglob.patch new file mode 100644 index 0000000..8b72ac6 --- /dev/null +++ b/0007-curl-7.49.1-urlglob.patch @@ -0,0 +1,35 @@ +From 5a3eddc9c327dcc20620d8ae47b27f5085811c7e Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Fri, 3 Jun 2016 11:26:20 +0200 +Subject: [PATCH] tool_urlglob: fix off-by-one error in glob_parse() + +... causing SIGSEGV while parsing URL with too many globs. +Minimal example: + +$ curl $(for i in $(seq 101); do printf '{a}'; done) + +Reported-by: Romain Coltel +Bug: https://bugzilla.redhat.com/1340757 + +Upstream-commit: 584d0121c353ed855115c39f6cbc009854018029 +Signed-off-by: Kamil Dudka +--- + src/tool_urlglob.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c +index 70d17fe..a357b8b 100644 +--- a/src/tool_urlglob.c ++++ b/src/tool_urlglob.c +@@ -401,7 +401,7 @@ static CURLcode glob_parse(URLGlob *glob, char *pattern, + } + } + +- if(++glob->size > GLOB_PATTERN_NUM) ++ if(++glob->size >= GLOB_PATTERN_NUM) + return GLOBERROR("too many globs", pos, CURLE_URL_MALFORMAT); + } + return res; +-- +2.5.5 + diff --git a/curl.spec b/curl.spec index 15396aa..232f517 100644 --- a/curl.spec +++ b/curl.spec @@ -1,12 +1,15 @@ Summary: A utility for getting files from remote servers (FTP, HTTP, and others) Name: curl Version: 7.49.1 -Release: 1%{?dist} +Release: 2%{?dist} License: MIT Group: Applications/Internet Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma Source2: curlbuild.h +# fix SIGSEGV of the curl tool while parsing URL with too many globs (#1340757) +Patch7: 0007-curl-7.49.1-urlglob.patch + # patch making libcurl multilib ready Patch101: 0101-curl-7.32.0-multilib.patch @@ -118,6 +121,7 @@ documentation of the library, too. %setup -q # upstream patches +%patch7 -p1 # Fedora patches %patch101 -p1 @@ -233,6 +237,9 @@ rm -rf $RPM_BUILD_ROOT %{_datadir}/aclocal/libcurl.m4 %changelog +* Fri Jun 03 2016 Kamil Dudka 7.49.1-2 +- fix SIGSEGV of the curl tool while parsing URL with too many globs (#1340757) + * Mon May 30 2016 Kamil Dudka 7.49.1-1 - new upstream release