[GNUnet-SVN] [gnurl] 195/220: smtp: check for and bail out on too short
From: gnunet
Subject: [GNUnet-SVN] [gnurl] 195/220: smtp: check for and bail out on too short EHLO response
Date: Thu, 12 Sep 2019 17:29:15 +0200
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 4d0306c6982ad80be532438265c52c39a55889a0
Author: Daniel Stenberg <address@hidden>
AuthorDate: Mon Sep 2 23:04:26 2019 +0200
smtp: check for and bail out on too short EHLO response
Otherwise, a three byte response would make the smtp_state_ehlo_resp()
function misbehave.
Credit to OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/16918
Assisted-by: Max Dymond
Closes #4287
---
lib/smtp.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/smtp.c b/lib/smtp.c
index 0db3c1e1c..65220b0f6 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -714,7 +714,7 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata
*conn, int smtpcode,
result = CURLE_REMOTE_ACCESS_DENIED;
}
}
- else {
+ else if(len >= 4) {
line += 4;
len -= 4;
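Review bot: The literal 4 in the new `else if(len >= 4)` guard has to stay in step with the `line += 4;` and `len -= 4;` directly below it, and nothing in the hunk says what those four bytes are. A one-line comment on the guard, or a named constant shared by all three lines, would keep a later change to the skip from reintroducing the case the commit message describes, where a three byte response reaches the subtraction.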
@@ -785,6 +785,10 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata
*conn, int smtpcode,
result = smtp_perform_authentication(conn);
}
}
+ else {
+ failf(data, "Unexpectedly short EHLO response");
+ result = CURLE_WEIRD_SERVER_REPLY;
+ }
return result;
}
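Review bot: The added `else` just before `return result;` gives no hint of which condition it is the fallback for; going by the hunk headers, the `else if(len >= 4)` it answers sits about seventy lines earlier (714 against 785). A short comment on the branch naming the too-short case would help, and the failf() text could include the received length so a CURLE_WEIRD_SERVER_REPLY from this path is easier to diagnose. The diffstat lists only lib/smtp.c, so no regression test for a three byte EHLO reply accompanies the fix.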