[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 23/222: smb: check for full size message before reading message
From: |
gnunet |
Subject: |
[gnurl] 23/222: smb: check for full size message before reading message details |
Date: |
Thu, 07 Nov 2019 00:08:39 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 6de10536928d212387cc22fbf6e9793f260fc390
Author: Daniel Stenberg <address@hidden>
AuthorDate: Mon Sep 16 10:15:05 2019 +0200
smb: check for full size message before reading message details
To avoid reading of uninitialized data.
Assisted-by: Max Dymond
Bug: https://crbug.com/oss-fuzz/16907
Closes #4363
---
lib/smb.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/smb.c b/lib/smb.c
index f66c05ca4..12f99257f 100644
--- a/lib/smb.c
+++ b/lib/smb.c
@@ -682,7 +682,8 @@ static CURLcode smb_connection_state(struct connectdata
*conn, bool *done)
switch(smbc->state) {
case SMB_NEGOTIATE:
- if(h->status || smbc->got < sizeof(*nrsp) + sizeof(smbc->challenge) - 1) {
+ if((smbc->got < sizeof(*nrsp) + sizeof(smbc->challenge) - 1) ||
+ h->status) {
connclose(conn, "SMB: negotiation failed");
return CURLE_COULDNT_CONNECT;
}
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [gnurl] 08/222: docs/HTTP3: fix `--with-ssl` ngtcp2 configure flag, (continued)
- [gnurl] 08/222: docs/HTTP3: fix `--with-ssl` ngtcp2 configure flag, gnunet, 2019/11/06
- [gnurl] 06/222: curlver: bump to 7.66.1, gnunet, 2019/11/06
- [gnurl] 05/222: setopt: make it easier to add new enum values, gnunet, 2019/11/06
- [gnurl] 11/222: parsedate: still provide the name arrays when disabled, gnunet, 2019/11/06
- [gnurl] 12/222: curl: fix memory leaked by parse_metalink(), gnunet, 2019/11/06
- [gnurl] 07/222: RELEASE-NOTES: synced, gnunet, 2019/11/06
- [gnurl] 13/222: FTP: skip CWD to entry dir when target is absolute, gnunet, 2019/11/06
- [gnurl] 10/222: curl:file2string: load large files much faster, gnunet, 2019/11/06
- [gnurl] 09/222: openssl: close_notify on the FTP data connection doesn't mean closure, gnunet, 2019/11/06
- [gnurl] 15/222: appveyor: add a winbuild, gnunet, 2019/11/06
- [gnurl] 23/222: smb: check for full size message before reading message details,
gnunet <=
- [gnurl] 17/222: docs: fix typo in CURLOPT_HTTP_VERSION man, gnunet, 2019/11/06
- [gnurl] 18/222: docs: remove trailing ':' from section names in CURLOPT_TRAILER* man, gnunet, 2019/11/06
- [gnurl] 25/222: doh: clean up dangling DOH handles and memory on easy close, gnunet, 2019/11/06
- [gnurl] 14/222: FTP: allow "rubbish" prepended to the SIZE response, gnunet, 2019/11/06
- [gnurl] 22/222: quiche: persist connection details, gnunet, 2019/11/06
- [gnurl] 19/222: doh: fix (harmless) buffer overrun, gnunet, 2019/11/06
- [gnurl] 24/222: unit1655: make it C90 compliant, gnunet, 2019/11/06
- [gnurl] 21/222: openssl: fix warning with boringssl and SSL_CTX_set_min_proto_version, gnunet, 2019/11/06
- [gnurl] 16/222: CI: inintial github action job, gnunet, 2019/11/06
- [gnurl] 20/222: doh: fix undefined behaviour and open up for gcc and clang optimization, gnunet, 2019/11/06