new upstream release (fixes CVE-2012-0036)
parent
37907ea2de
commit
f28824c4c6
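--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,4 @@
 /curl-7.21.7.tar.lzma
 /curl-7.22.0.tar.lzma
 /curl-7.23.0.tar.lzma
+/curl-7.24.0.tar.lzma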
@ -1,227 +0,0 @@
|
|||||||
From c532604b137cae2e2814280778f914e4cd0460d1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Daniel Stenberg <daniel@haxx.se>
|
|
||||||
Date: Sun, 20 Nov 2011 23:33:46 +0100
|
|
||||||
Subject: [PATCH] -J -O: use -O name if no Content-Disposition header comes!
|
|
||||||
|
|
||||||
A regression between 7.22.0 and 7.23.0 -- downloading a file with the
|
|
||||||
flags -O and -J results in the content being written to stdout if and
|
|
||||||
only if there was no Content-Disposition header in the http response. If
|
|
||||||
there is a C-D header with a filename attribute, the output is correctly
|
|
||||||
written.
|
|
||||||
|
|
||||||
Reported by: Dave Reisner
|
|
||||||
Bug: http://curl.haxx.se/mail/archive-2011-11/0030.html
|
|
||||||
|
|
||||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
||||||
---
|
|
||||||
src/tool_cb_hdr.c | 3 +-
|
|
||||||
src/tool_operate.c | 59 ++++++++++++++++++++++----------------------
|
|
||||||
src/tool_operhlp.c | 18 +++++++++++++
|
|
||||||
tests/data/Makefile.am | 2 +-
|
|
||||||
tests/data/test1210 | 63 ++++++++++++++++++++++++++++++++++++++++++++++++
|
|
||||||
5 files changed, 112 insertions(+), 33 deletions(-)
|
|
||||||
create mode 100644 tests/data/test1210
|
|
||||||
|
|
||||||
diff --git a/src/tool_cb_hdr.c b/src/tool_cb_hdr.c
|
|
||||||
index fb24b45..dea7338 100644
|
|
||||||
--- a/src/tool_cb_hdr.c
|
|
||||||
+++ b/src/tool_cb_hdr.c
|
|
||||||
@@ -66,8 +66,7 @@ size_t tool_header_cb(void *ptr, size_t size, size_t nmemb, void *userdata)
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
- if(!outs->filename && (cb > 20) &&
|
|
||||||
- checkprefix("Content-disposition:", str)) {
|
|
||||||
+ if((cb > 20) && checkprefix("Content-disposition:", str)) {
|
|
||||||
const char *p = str + 20;
|
|
||||||
|
|
||||||
/* look for the 'filename=' parameter
|
|
||||||
diff --git a/src/tool_operate.c b/src/tool_operate.c
|
|
||||||
index 7ab815f..1e88120 100644
|
|
||||||
--- a/src/tool_operate.c
|
|
||||||
+++ b/src/tool_operate.c
|
|
||||||
@@ -576,41 +576,40 @@ int operate(struct Configurable *config, int argc, argv_item_t argv[])
|
|
||||||
|
|
||||||
if((urlnode->flags & GETOUT_USEREMOTE)
|
|
||||||
&& config->content_disposition) {
|
|
||||||
- /* Our header callback sets the filename */
|
|
||||||
+ /* Our header callback MIGHT set the filename */
|
|
||||||
DEBUGASSERT(!outs.filename);
|
|
||||||
}
|
|
||||||
- else {
|
|
||||||
- if(config->resume_from_current) {
|
|
||||||
- /* We're told to continue from where we are now. Get the size
|
|
||||||
- of the file as it is now and open it for append instead */
|
|
||||||
- struct_stat fileinfo;
|
|
||||||
- /* VMS -- Danger, the filesize is only valid for stream files */
|
|
||||||
- if(0 == stat(outfile, &fileinfo))
|
|
||||||
- /* set offset to current file size: */
|
|
||||||
- config->resume_from = fileinfo.st_size;
|
|
||||||
- else
|
|
||||||
- /* let offset be 0 */
|
|
||||||
- config->resume_from = 0;
|
|
||||||
- }
|
|
||||||
|
|
||||||
- if(config->resume_from) {
|
|
||||||
- /* open file for output: */
|
|
||||||
- FILE *file = fopen(outfile, config->resume_from?"ab":"wb");
|
|
||||||
- if(!file) {
|
|
||||||
- helpf(config->errors, "Can't open '%s'!\n", outfile);
|
|
||||||
- res = CURLE_WRITE_ERROR;
|
|
||||||
- goto quit_urls;
|
|
||||||
- }
|
|
||||||
- outs.fopened = TRUE;
|
|
||||||
- outs.stream = file;
|
|
||||||
- outs.init = config->resume_from;
|
|
||||||
- }
|
|
||||||
- else {
|
|
||||||
- outs.stream = NULL; /* open when needed */
|
|
||||||
+ if(config->resume_from_current) {
|
|
||||||
+ /* We're told to continue from where we are now. Get the size
|
|
||||||
+ of the file as it is now and open it for append instead */
|
|
||||||
+ struct_stat fileinfo;
|
|
||||||
+ /* VMS -- Danger, the filesize is only valid for stream files */
|
|
||||||
+ if(0 == stat(outfile, &fileinfo))
|
|
||||||
+ /* set offset to current file size: */
|
|
||||||
+ config->resume_from = fileinfo.st_size;
|
|
||||||
+ else
|
|
||||||
+ /* let offset be 0 */
|
|
||||||
+ config->resume_from = 0;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if(config->resume_from) {
|
|
||||||
+ /* open file for output: */
|
|
||||||
+ FILE *file = fopen(outfile, config->resume_from?"ab":"wb");
|
|
||||||
+ if(!file) {
|
|
||||||
+ helpf(config->errors, "Can't open '%s'!\n", outfile);
|
|
||||||
+ res = CURLE_WRITE_ERROR;
|
|
||||||
+ goto quit_urls;
|
|
||||||
}
|
|
||||||
- outs.filename = outfile;
|
|
||||||
- outs.s_isreg = TRUE;
|
|
||||||
+ outs.fopened = TRUE;
|
|
||||||
+ outs.stream = file;
|
|
||||||
+ outs.init = config->resume_from;
|
|
||||||
+ }
|
|
||||||
+ else {
|
|
||||||
+ outs.stream = NULL; /* open when needed */
|
|
||||||
}
|
|
||||||
+ outs.filename = outfile;
|
|
||||||
+ outs.s_isreg = TRUE;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(uploadfile && !stdin_upload(uploadfile)) {
|
|
||||||
diff --git a/src/tool_operhlp.c b/src/tool_operhlp.c
|
|
||||||
index 808d2d5..4c1697b 100644
|
|
||||||
--- a/src/tool_operhlp.c
|
|
||||||
+++ b/src/tool_operhlp.c
|
|
||||||
@@ -178,6 +178,24 @@ CURLcode get_url_file_name(char **filename, const char *url)
|
|
||||||
return CURLE_OUT_OF_MEMORY;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ /* in case we built debug enabled, we allow an environment variable
|
|
||||||
+ * named CURL_TESTDIR to prefix the given file name to put it into a
|
|
||||||
+ * specific directory
|
|
||||||
+ */
|
|
||||||
+#ifdef DEBUGBUILD
|
|
||||||
+ {
|
|
||||||
+ char *tdir = curlx_getenv("CURL_TESTDIR");
|
|
||||||
+ if(tdir) {
|
|
||||||
+ char buffer[512]; /* suitably large */
|
|
||||||
+ snprintf(buffer, sizeof(buffer), "%s/%s", tdir, *filename);
|
|
||||||
+ Curl_safefree(*filename);
|
|
||||||
+ *filename = strdup(buffer); /* clone the buffer */
|
|
||||||
+ curl_free(tdir);
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+#endif
|
|
||||||
+
|
|
||||||
return CURLE_OK;
|
|
||||||
}
|
|
||||||
|
|
||||||
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
|
|
||||||
index 581d46b..c52ef24 100644
|
|
||||||
--- a/tests/data/Makefile.am
|
|
||||||
+++ b/tests/data/Makefile.am
|
|
||||||
@@ -76,7 +76,7 @@ test1110 test1111 test1112 test1113 test1114 test1115 test1116 test1117 \
|
|
||||||
test1118 test1119 test1120 test1121 test1122 test1123 test1124 test1125 \
|
|
||||||
test1126 test1127 test1128 test1129 test1130 test1131 \
|
|
||||||
test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
|
|
||||||
-test1208 test1209 \
|
|
||||||
+test1208 test1209 test1210 \
|
|
||||||
test1300 test1301 test1302 test1303 test1304 test1305 \
|
|
||||||
test1306 test1307 test1308 test1309 test1310 test1311 test1312 test1313 \
|
|
||||||
test1314 \
|
|
||||||
diff --git a/tests/data/test1210 b/tests/data/test1210
|
|
||||||
new file mode 100644
|
|
||||||
index 0000000..df93198
|
|
||||||
--- /dev/null
|
|
||||||
+++ b/tests/data/test1210
|
|
||||||
@@ -0,0 +1,63 @@
|
|
||||||
+<testcase>
|
|
||||||
+<info>
|
|
||||||
+<keywords>
|
|
||||||
+HTTP
|
|
||||||
+HTTP GET
|
|
||||||
+-J
|
|
||||||
+</keywords>
|
|
||||||
+</info>
|
|
||||||
+
|
|
||||||
+#
|
|
||||||
+<reply>
|
|
||||||
+<data nocheck="yes">
|
|
||||||
+HTTP/1.1 200 OK
|
|
||||||
+Date: Thu, 09 Nov 2010 14:49:00 GMT
|
|
||||||
+Server: test-server/fake
|
|
||||||
+Content-Length: 6
|
|
||||||
+Connection: close
|
|
||||||
+Content-Type: text/html
|
|
||||||
+
|
|
||||||
+12345
|
|
||||||
+</data>
|
|
||||||
+</reply>
|
|
||||||
+
|
|
||||||
+#
|
|
||||||
+# Client-side
|
|
||||||
+<client>
|
|
||||||
+# this relies on the debug feature to allow us to set directory to store the
|
|
||||||
+# -O output in, using the CURL_TESTDIR variable
|
|
||||||
+<features>
|
|
||||||
+debug
|
|
||||||
+</features>
|
|
||||||
+<server>
|
|
||||||
+http
|
|
||||||
+</server>
|
|
||||||
+<name>
|
|
||||||
+HTTP GET with -J without Content-Disposition
|
|
||||||
+</name>
|
|
||||||
+<setenv>
|
|
||||||
+CURL_TESTDIR=%PWD/log
|
|
||||||
+</setenv>
|
|
||||||
+<command option="no-output,no-include">
|
|
||||||
+http://%HOSTIP:%HTTPPORT/1210 -J -O
|
|
||||||
+</command>
|
|
||||||
+</client>
|
|
||||||
+
|
|
||||||
+#
|
|
||||||
+# Verify data after the test has been "shot"
|
|
||||||
+<verify>
|
|
||||||
+<strip>
|
|
||||||
+^User-Agent:.*
|
|
||||||
+</strip>
|
|
||||||
+<protocol>
|
|
||||||
+GET /1210 HTTP/1.1
|
|
||||||
+Host: %HOSTIP:%HTTPPORT
|
|
||||||
+Accept: */*
|
|
||||||
+
|
|
||||||
+</protocol>
|
|
||||||
+<file name="log/1210">
|
|
||||||
+12345
|
|
||||||
+</file>
|
|
||||||
+
|
|
||||||
+</verify>
|
|
||||||
+</testcase>
|
|
||||||
--
|
|
||||||
1.7.1
|
|
||||||
|
|
@ -1,32 +0,0 @@
|
|||||||
From a8063d1e74cd86d0bbabee87aa57e660a08aca62 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kamil Dudka <kdudka@redhat.com>
|
|
||||||
Date: Sun, 25 Dec 2011 22:37:24 +0100
|
|
||||||
Subject: [PATCH] transfer: avoid unnecessary timeout event when waiting for 100-continue
|
|
||||||
|
|
||||||
The commit 9dd85bc unintentionally changed the way we compute the time
|
|
||||||
spent waiting for 100-continue. In particular, when using a SSL client
|
|
||||||
certificate, the time spent by SSL handshake was included and could
|
|
||||||
cause the CURL_TIMEOUT_EXPECT_100 timeout to be mistakenly fired up.
|
|
||||||
|
|
||||||
Bug: https://bugzilla.redhat.com/767490
|
|
||||||
Reported by: Mamoru Tasaka
|
|
||||||
---
|
|
||||||
lib/transfer.c | 2 +-
|
|
||||||
1 files changed, 1 insertions(+), 1 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/lib/transfer.c b/lib/transfer.c
|
|
||||||
index e56fffd..3d82571 100644
|
|
||||||
--- a/lib/transfer.c
|
|
||||||
+++ b/lib/transfer.c
|
|
||||||
@@ -2364,7 +2364,7 @@ Curl_setup_transfer(
|
|
||||||
(data->state.proto.http->sending == HTTPSEND_BODY)) {
|
|
||||||
/* wait with write until we either got 100-continue or a timeout */
|
|
||||||
k->exp100 = EXP100_AWAITING_CONTINUE;
|
|
||||||
- k->start100 = k->start;
|
|
||||||
+ k->start100 = Curl_tvnow();
|
|
||||||
|
|
||||||
/* set a timeout for the multi interface */
|
|
||||||
Curl_expire(data, CURL_TIMEOUT_EXPECT_100);
|
|
||||||
--
|
|
||||||
1.7.1
|
|
||||||
|
|
@ -1,339 +0,0 @@
|
|||||||
From 4da66a40bc4c29bb8b1bc325c45525826a6db531 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Yang Tse <yangsita@gmail.com>
|
|
||||||
Date: Wed, 28 Dec 2011 23:04:23 +0100
|
|
||||||
Subject: [PATCH 1/2] ftpserver.pl: arbitrary application data splitting among
|
|
||||||
TCP packets [I]
|
|
||||||
|
|
||||||
Initial step in order to allow our pingpong server to better support arbitrary
|
|
||||||
application data splitting among TCP packets. This first commit only addresses
|
|
||||||
reasembly of data that sockfilter processes reads from soockets and pingpong
|
|
||||||
server later reads from sockfilters stdout.
|
|
||||||
|
|
||||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
||||||
---
|
|
||||||
tests/ftpserver.pl | 165 +++++++++++++++++++++++++++++++++++++++++++++++-----
|
|
||||||
1 files changed, 151 insertions(+), 14 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
|
|
||||||
index 99722bb..cdd2916 100755
|
|
||||||
--- a/tests/ftpserver.pl
|
|
||||||
+++ b/tests/ftpserver.pl
|
|
||||||
@@ -116,6 +116,8 @@ local *SFWRITE; # used to write to primary connection
|
|
||||||
local *DREAD; # used to read from secondary connection
|
|
||||||
local *DWRITE; # used to write to secondary connection
|
|
||||||
|
|
||||||
+my $sockfilt_timeout = 5; # default timeout for sockfilter eXsysreads
|
|
||||||
+
|
|
||||||
#**********************************************************************
|
|
||||||
# global vars which depend on server protocol selection
|
|
||||||
#
|
|
||||||
@@ -220,6 +222,141 @@ sub ftpmsg {
|
|
||||||
# better on windows/cygwin
|
|
||||||
}
|
|
||||||
|
|
||||||
+#**********************************************************************
|
|
||||||
+# eXsysread is a wrapper around perl's sysread() function. This will
|
|
||||||
+# repeat the call to sysread() until it has actually read the complete
|
|
||||||
+# number of requested bytes or an unrecoverable condition occurs.
|
|
||||||
+# On success returns a positive value, the number of bytes requested.
|
|
||||||
+# On failure or timeout returns zero.
|
|
||||||
+#
|
|
||||||
+sub eXsysread {
|
|
||||||
+ my $FH = shift;
|
|
||||||
+ my $scalar = shift;
|
|
||||||
+ my $nbytes = shift;
|
|
||||||
+ my $timeout = shift; # A zero timeout disables eXsysread() time limit
|
|
||||||
+ #
|
|
||||||
+ my $time_limited = 0;
|
|
||||||
+ my $timeout_rest = 0;
|
|
||||||
+ my $start_time = 0;
|
|
||||||
+ my $nread = 0;
|
|
||||||
+ my $rc;
|
|
||||||
+
|
|
||||||
+ $$scalar = "";
|
|
||||||
+
|
|
||||||
+ if((not defined $nbytes) || ($nbytes < 1)) {
|
|
||||||
+ logmsg "Error: eXsysread() failure: " .
|
|
||||||
+ "length argument must be positive\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ if((not defined $timeout) || ($timeout < 0)) {
|
|
||||||
+ logmsg "Error: eXsysread() failure: " .
|
|
||||||
+ "timeout argument must be zero or positive\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ if($timeout > 0) {
|
|
||||||
+ # caller sets eXsysread() time limit
|
|
||||||
+ $time_limited = 1;
|
|
||||||
+ $timeout_rest = $timeout;
|
|
||||||
+ $start_time = int(time());
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ while($nread < $nbytes) {
|
|
||||||
+ if($time_limited) {
|
|
||||||
+ eval {
|
|
||||||
+ local $SIG{ALRM} = sub { die "alarm\n"; };
|
|
||||||
+ alarm $timeout_rest;
|
|
||||||
+ $rc = sysread($FH, $$scalar, $nbytes - $nread, $nread);
|
|
||||||
+ alarm 0;
|
|
||||||
+ };
|
|
||||||
+ $timeout_rest = $timeout - (int(time()) - $start_time);
|
|
||||||
+ if($timeout_rest < 1) {
|
|
||||||
+ logmsg "Error: eXsysread() failure: timed out\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ }
|
|
||||||
+ else {
|
|
||||||
+ $rc = sysread($FH, $$scalar, $nbytes - $nread, $nread);
|
|
||||||
+ }
|
|
||||||
+ if($got_exit_signal) {
|
|
||||||
+ logmsg "Error: eXsysread() failure: signalled to die\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ if(not defined $rc) {
|
|
||||||
+ if($!{EINTR}) {
|
|
||||||
+ logmsg "Warning: retrying sysread() interrupted system call\n";
|
|
||||||
+ next;
|
|
||||||
+ }
|
|
||||||
+ if($!{EAGAIN}) {
|
|
||||||
+ logmsg "Warning: retrying sysread() due to EAGAIN\n";
|
|
||||||
+ next;
|
|
||||||
+ }
|
|
||||||
+ if($!{EWOULDBLOCK}) {
|
|
||||||
+ logmsg "Warning: retrying sysread() due to EWOULDBLOCK\n";
|
|
||||||
+ next;
|
|
||||||
+ }
|
|
||||||
+ logmsg "Error: sysread() failure: $!\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ if($rc < 0) {
|
|
||||||
+ logmsg "Error: sysread() failure: returned negative value $rc\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ if($rc == 0) {
|
|
||||||
+ logmsg "Error: sysread() failure: read zero bytes\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ $nread += $rc;
|
|
||||||
+ }
|
|
||||||
+ return $nread;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#**********************************************************************
|
|
||||||
+# read_mainsockf attempts to read the given amount of output from the
|
|
||||||
+# sockfilter which is in use for the main or primary connection. This
|
|
||||||
+# reads untranslated sockfilt lingo which may hold data read from the
|
|
||||||
+# main or primary socket. On success returns 1, otherwise zero.
|
|
||||||
+#
|
|
||||||
+sub read_mainsockf {
|
|
||||||
+ my $scalar = shift;
|
|
||||||
+ my $nbytes = shift;
|
|
||||||
+ my $timeout = shift; # Optional argument, if zero blocks indefinitively
|
|
||||||
+ my $FH = \*SFREAD;
|
|
||||||
+
|
|
||||||
+ if(not defined $timeout) {
|
|
||||||
+ $timeout = $sockfilt_timeout + ($nbytes >> 12);
|
|
||||||
+ }
|
|
||||||
+ if(eXsysread($FH, $scalar, $nbytes, $timeout) != $nbytes) {
|
|
||||||
+ my ($fcaller, $lcaller) = (caller)[1,2];
|
|
||||||
+ logmsg "Error: read_mainsockf() failure at $fcaller " .
|
|
||||||
+ "line $lcaller. Due to eXsysread() failure\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ return 1;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+#**********************************************************************
|
|
||||||
+# read_datasockf attempts to read the given amount of output from the
|
|
||||||
+# sockfilter which is in use for the data or secondary connection. This
|
|
||||||
+# reads untranslated sockfilt lingo which may hold data read from the
|
|
||||||
+# data or secondary socket. On success returns 1, otherwise zero.
|
|
||||||
+#
|
|
||||||
+sub read_datasockf {
|
|
||||||
+ my $scalar = shift;
|
|
||||||
+ my $nbytes = shift;
|
|
||||||
+ my $timeout = shift; # Optional argument, if zero blocks indefinitively
|
|
||||||
+ my $FH = \*DREAD;
|
|
||||||
+
|
|
||||||
+ if(not defined $timeout) {
|
|
||||||
+ $timeout = $sockfilt_timeout + ($nbytes >> 12);
|
|
||||||
+ }
|
|
||||||
+ if(eXsysread($FH, $scalar, $nbytes, $timeout) != $nbytes) {
|
|
||||||
+ my ($fcaller, $lcaller) = (caller)[1,2];
|
|
||||||
+ logmsg "Error: read_datasockf() failure at $fcaller " .
|
|
||||||
+ "line $lcaller. Due to eXsysread() failure\n";
|
|
||||||
+ return 0;
|
|
||||||
+ }
|
|
||||||
+ return 1;
|
|
||||||
+}
|
|
||||||
|
|
||||||
sub sysread_or_die {
|
|
||||||
my $FH = shift;
|
|
||||||
@@ -565,7 +702,7 @@ sub DATA_smtp {
|
|
||||||
$size = hex($1);
|
|
||||||
}
|
|
||||||
|
|
||||||
- sysread \*SFREAD, $line, $size;
|
|
||||||
+ read_mainsockf(\$line, $size);
|
|
||||||
|
|
||||||
$ulsize += $size;
|
|
||||||
print FILE $line if(!$nosave);
|
|
||||||
@@ -1140,7 +1277,7 @@ sub STOR_ftp {
|
|
||||||
$size = hex($1);
|
|
||||||
}
|
|
||||||
|
|
||||||
- sysread DREAD, $line, $size;
|
|
||||||
+ read_datasockf(\$line, $size);
|
|
||||||
|
|
||||||
#print STDERR " GOT: $size bytes\n";
|
|
||||||
|
|
||||||
@@ -1241,7 +1378,7 @@ sub PASV_ftp {
|
|
||||||
}
|
|
||||||
|
|
||||||
# READ the response data
|
|
||||||
- sysread_or_die(\*DREAD, \$i, $size);
|
|
||||||
+ read_datasockf(\$i, $size);
|
|
||||||
|
|
||||||
# The data is in the format
|
|
||||||
# IPvX/NNN
|
|
||||||
@@ -1815,38 +1952,38 @@ while(1) {
|
|
||||||
}
|
|
||||||
|
|
||||||
# data
|
|
||||||
- sysread SFREAD, $_, $size;
|
|
||||||
+ read_mainsockf(\$input, $size);
|
|
||||||
|
|
||||||
- ftpmsg $_;
|
|
||||||
+ ftpmsg $input;
|
|
||||||
|
|
||||||
# Remove trailing CRLF.
|
|
||||||
- s/[\n\r]+$//;
|
|
||||||
+ $input =~ s/[\n\r]+$//;
|
|
||||||
|
|
||||||
my $FTPCMD;
|
|
||||||
my $FTPARG;
|
|
||||||
- my $full=$_;
|
|
||||||
+ my $full = $input;
|
|
||||||
if($proto eq "imap") {
|
|
||||||
# IMAP is different with its identifier first on the command line
|
|
||||||
- unless (m/^([^ ]+) ([^ ]+) (.*)/ ||
|
|
||||||
- m/^([^ ]+) ([^ ]+)/) {
|
|
||||||
- sendcontrol "$1 '$_': command not understood.\r\n";
|
|
||||||
+ unless(($input =~ /^([^ ]+) ([^ ]+) (.*)/) ||
|
|
||||||
+ ($input =~ /^([^ ]+) ([^ ]+)/)) {
|
|
||||||
+ sendcontrol "$1 '$input': command not understood.\r\n";
|
|
||||||
last;
|
|
||||||
}
|
|
||||||
$cmdid=$1; # set the global variable
|
|
||||||
$FTPCMD=$2;
|
|
||||||
$FTPARG=$3;
|
|
||||||
}
|
|
||||||
- elsif (m/^([A-Z]{3,4})(\s(.*))?$/i) {
|
|
||||||
+ elsif($input =~ /^([A-Z]{3,4})(\s(.*))?$/i) {
|
|
||||||
$FTPCMD=$1;
|
|
||||||
$FTPARG=$3;
|
|
||||||
}
|
|
||||||
- elsif($proto eq "smtp" && m/^[A-Z0-9+\/]{0,512}={0,2}$/i) {
|
|
||||||
+ elsif(($proto eq "smtp") && ($input =~ /^[A-Z0-9+\/]{0,512}={0,2}$/i)) {
|
|
||||||
# SMTP long "commands" are base64 authentication data.
|
|
||||||
- $FTPCMD=$_;
|
|
||||||
+ $FTPCMD=$input;
|
|
||||||
$FTPARG="";
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
- sendcontrol "500 '$_': command not understood.\r\n";
|
|
||||||
+ sendcontrol "500 '$input': command not understood.\r\n";
|
|
||||||
last;
|
|
||||||
}
|
|
||||||
|
|
||||||
--
|
|
||||||
1.7.8.1
|
|
||||||
|
|
||||||
|
|
||||||
From 17ef4b9449f434eb105c652a57fea61572c78b5a Mon Sep 17 00:00:00 2001
|
|
||||||
From: Yang Tse <yangsita@gmail.com>
|
|
||||||
Date: Thu, 29 Dec 2011 23:40:06 +0100
|
|
||||||
Subject: [PATCH 2/2] ftpserver.pl: arbitrary application data splitting among
|
|
||||||
TCP packets [II]
|
|
||||||
|
|
||||||
Take in account that 'pingpong' server commands may arrive splitted among
|
|
||||||
several sockfilt 'DATA' PDU's.
|
|
||||||
|
|
||||||
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
||||||
---
|
|
||||||
tests/ftpserver.pl | 26 +++++++++++++++++---------
|
|
||||||
1 files changed, 17 insertions(+), 9 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
|
|
||||||
index cdd2916..85476a2 100755
|
|
||||||
--- a/tests/ftpserver.pl
|
|
||||||
+++ b/tests/ftpserver.pl
|
|
||||||
@@ -1925,6 +1925,8 @@ while(1) {
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
+ my $full = "";
|
|
||||||
+
|
|
||||||
while(1) {
|
|
||||||
my $i;
|
|
||||||
|
|
||||||
@@ -1956,34 +1958,38 @@ while(1) {
|
|
||||||
|
|
||||||
ftpmsg $input;
|
|
||||||
|
|
||||||
+ $full .= $input;
|
|
||||||
+
|
|
||||||
+ # Loop until command completion
|
|
||||||
+ next unless($full =~ /\r\n$/);
|
|
||||||
+
|
|
||||||
# Remove trailing CRLF.
|
|
||||||
- $input =~ s/[\n\r]+$//;
|
|
||||||
+ $full =~ s/[\n\r]+$//;
|
|
||||||
|
|
||||||
my $FTPCMD;
|
|
||||||
my $FTPARG;
|
|
||||||
- my $full = $input;
|
|
||||||
if($proto eq "imap") {
|
|
||||||
# IMAP is different with its identifier first on the command line
|
|
||||||
- unless(($input =~ /^([^ ]+) ([^ ]+) (.*)/) ||
|
|
||||||
- ($input =~ /^([^ ]+) ([^ ]+)/)) {
|
|
||||||
- sendcontrol "$1 '$input': command not understood.\r\n";
|
|
||||||
+ unless(($full =~ /^([^ ]+) ([^ ]+) (.*)/) ||
|
|
||||||
+ ($full =~ /^([^ ]+) ([^ ]+)/)) {
|
|
||||||
+ sendcontrol "$1 '$full': command not understood.\r\n";
|
|
||||||
last;
|
|
||||||
}
|
|
||||||
$cmdid=$1; # set the global variable
|
|
||||||
$FTPCMD=$2;
|
|
||||||
$FTPARG=$3;
|
|
||||||
}
|
|
||||||
- elsif($input =~ /^([A-Z]{3,4})(\s(.*))?$/i) {
|
|
||||||
+ elsif($full =~ /^([A-Z]{3,4})(\s(.*))?$/i) {
|
|
||||||
$FTPCMD=$1;
|
|
||||||
$FTPARG=$3;
|
|
||||||
}
|
|
||||||
- elsif(($proto eq "smtp") && ($input =~ /^[A-Z0-9+\/]{0,512}={0,2}$/i)) {
|
|
||||||
+ elsif(($proto eq "smtp") && ($full =~ /^[A-Z0-9+\/]{0,512}={0,2}$/i)) {
|
|
||||||
# SMTP long "commands" are base64 authentication data.
|
|
||||||
- $FTPCMD=$input;
|
|
||||||
+ $FTPCMD=$full;
|
|
||||||
$FTPARG="";
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
- sendcontrol "500 '$input': command not understood.\r\n";
|
|
||||||
+ sendcontrol "500 '$full': command not understood.\r\n";
|
|
||||||
last;
|
|
||||||
}
|
|
||||||
|
|
||||||
@@ -1993,6 +1999,8 @@ while(1) {
|
|
||||||
print STDERR "IN: $full\n";
|
|
||||||
}
|
|
||||||
|
|
||||||
+ $full = "";
|
|
||||||
+
|
|
||||||
my $delay = $delayreply{$FTPCMD};
|
|
||||||
if($delay) {
|
|
||||||
# just go sleep this many seconds!
|
|
||||||
--
|
|
||||||
1.7.8.1
|
|
||||||
|
|
@ -6,7 +6,7 @@ diff --git a/configure b/configure
|
|||||||
index d3ecf69..6d8f085 100755
|
index d3ecf69..6d8f085 100755
|
||||||
--- a/configure
|
--- a/configure
|
||||||
+++ b/configure
|
+++ b/configure
|
||||||
@@ -15030,18 +15030,11 @@ $as_echo "yes" >&6; }
|
@@ -15040,18 +15040,11 @@ $as_echo "yes" >&6; }
|
||||||
gccvhi=`echo $gccver | cut -d . -f1`
|
gccvhi=`echo $gccver | cut -d . -f1`
|
||||||
gccvlo=`echo $gccver | cut -d . -f2`
|
gccvlo=`echo $gccver | cut -d . -f2`
|
||||||
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
compiler_num=`(expr $gccvhi "*" 100 + $gccvlo) 2>/dev/null`
|
||||||
|
@ -6,7 +6,7 @@ diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
|
|||||||
index 9370974..b553f54 100644
|
index 9370974..b553f54 100644
|
||||||
--- a/tests/data/Makefile.am
|
--- a/tests/data/Makefile.am
|
||||||
+++ b/tests/data/Makefile.am
|
+++ b/tests/data/Makefile.am
|
||||||
@@ -72,7 +72,7 @@ test1078 test1079 test1080 test1081 test1082 test1083 test1084 test1085 \
|
@@ -73,7 +73,7 @@ test1078 test1079 test1080 test1081 test1082 test1083 test1084 test1085 \
|
||||||
test1086 test1087 test1088 test1089 test1090 test1091 test1092 test1093 \
|
test1086 test1087 test1088 test1089 test1090 test1091 test1092 test1093 \
|
||||||
test1094 test1095 test1096 test1097 test1098 test1099 test1100 test1101 \
|
test1094 test1095 test1096 test1097 test1098 test1099 test1100 test1101 \
|
||||||
test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 \
|
test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 \
|
||||||
@ -19,7 +19,7 @@ diff --git a/tests/data/Makefile.in b/tests/data/Makefile.in
|
|||||||
index 435b126..1d71c4e 100644
|
index 435b126..1d71c4e 100644
|
||||||
--- a/tests/data/Makefile.in
|
--- a/tests/data/Makefile.in
|
||||||
+++ b/tests/data/Makefile.in
|
+++ b/tests/data/Makefile.in
|
||||||
@@ -320,7 +320,7 @@ test1078 test1079 test1080 test1081 test1082 test1083 test1084 test1085 \
|
@@ -326,7 +326,7 @@ test1078 test1079 test1080 test1081 test1082 test1083 test1084 test1085 \
|
||||||
test1086 test1087 test1088 test1089 test1090 test1091 test1092 test1093 \
|
test1086 test1087 test1088 test1089 test1090 test1091 test1092 test1093 \
|
||||||
test1094 test1095 test1096 test1097 test1098 test1099 test1100 test1101 \
|
test1094 test1095 test1096 test1097 test1098 test1099 test1100 test1101 \
|
||||||
test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 \
|
test1102 test1103 test1104 test1105 test1106 test1107 test1108 test1109 \
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
Version: GnuPG v1.4.11 (GNU/Linux)
|
|
||||||
|
|
||||||
iEYEABECAAYFAk7CvskACgkQeOEcayedXJE+1wCfSGPiMFNxfrb4a27raX8CcBgV
|
|
||||||
gP4AoOJ8ye2MRiYw5aMILv9xFm14kygU
|
|
||||||
=E5o2
|
|
||||||
-----END PGP SIGNATURE-----
|
|
7
curl-7.24.0.tar.lzma.asc
Normal file
7
curl-7.24.0.tar.lzma.asc
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
Version: GnuPG v1.4.11 (GNU/Linux)
|
||||||
|
|
||||||
|
iEYEABECAAYFAk8eczoACgkQeOEcayedXJFoKACfUI6eBzthDt9SaQHF+uqXUIVS
|
||||||
|
ewEAoM1e4Cuwt8vjL/6m4sEZSaaJ0Jp+
|
||||||
|
=SL4u
|
||||||
|
-----END PGP SIGNATURE-----
|
21
curl.spec
21
curl.spec
@ -1,22 +1,13 @@
|
|||||||
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
Summary: A utility for getting files from remote servers (FTP, HTTP, and others)
|
||||||
Name: curl
|
Name: curl
|
||||||
Version: 7.23.0
|
Version: 7.24.0
|
||||||
Release: 6%{?dist}
|
Release: 1%{?dist}
|
||||||
License: MIT
|
License: MIT
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
Source: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
||||||
Source2: curlbuild.h
|
Source2: curlbuild.h
|
||||||
Source3: hide_selinux.c
|
Source3: hide_selinux.c
|
||||||
|
|
||||||
# -J -O: use -O name if no Content-Disposition header comes!
|
|
||||||
Patch1: 0001-curl-7.23.0-c532604.patch
|
|
||||||
|
|
||||||
# transfer: avoid unnecessary timeout event when waiting for 100-continue
|
|
||||||
Patch2: 0002-curl-7.23.0-9f7f6a6.patch
|
|
||||||
|
|
||||||
# do not skip FTPS tests with nss-3.13
|
|
||||||
Patch3: 0003-curl-7.23.0-e99128a.patch
|
|
||||||
|
|
||||||
# patch making libcurl multilib ready
|
# patch making libcurl multilib ready
|
||||||
Patch101: 0101-curl-7.21.1-multilib.patch
|
Patch101: 0101-curl-7.21.1-multilib.patch
|
||||||
|
|
||||||
@ -115,11 +106,6 @@ for f in CHANGES README; do
|
|||||||
mv -f ${f}.utf8 ${f}
|
mv -f ${f}.utf8 ${f}
|
||||||
done
|
done
|
||||||
|
|
||||||
# upstream patches
|
|
||||||
%patch1 -p1
|
|
||||||
%patch2 -p1
|
|
||||||
%patch3 -p1
|
|
||||||
|
|
||||||
# Fedora patches
|
# Fedora patches
|
||||||
%patch101 -p1
|
%patch101 -p1
|
||||||
%patch102 -p1
|
%patch102 -p1
|
||||||
@ -232,6 +218,9 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%{_datadir}/aclocal/libcurl.m4
|
%{_datadir}/aclocal/libcurl.m4
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jan 24 2012 Kamil Dudka <kdudka@redhat.com> 7.24.0-1
|
||||||
|
- new upstream release (fixes CVE-2012-0036)
|
||||||
|
|
||||||
* Thu Jan 05 2012 Paul Howarth <paul@city-fan.org> 7.23.0-6
|
* Thu Jan 05 2012 Paul Howarth <paul@city-fan.org> 7.23.0-6
|
||||||
- rebuild for gcc 4.7
|
- rebuild for gcc 4.7
|
||||||
|
|
||||||
|
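Review bot: The new %changelog entry is dated `Wed Jan 24 2012`, but 24 January 2012 was a Tuesday, so the weekday and the date disagree and rpm tooling can flag the entry as a bogus changelog date. I would change the line to `* Tue Jan 24 2012 Kamil Dudka <kdudka@redhat.com> 7.24.0-1` (or adjust the day if the build was actually done on the 25th). Because this bump is what delivers the CVE-2012-0036 fix and `Source:` still points at a plain `http://` URL, it is also worth confirming that the uploaded tarball was verified against the new `curl-7.24.0.tar.lzma.asc`. Nothing in the visible spec lines performs that check, though most of the spec lies outside these hunks.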