fix CVE-2023-32001
(cherry picked from commit 176cfb56c90bc2e947cc1e414f2ef49037315875)
This commit is contained in:
sherlock2010
openeuler-sync-bot
parent
11a7a2b34c
commit
3f6d96044c
37
backport-CVE-2023-32001.patch
Normal file
37
backport-CVE-2023-32001.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From 0c667188e0c6cda615a036b8a2b4125f2c404dde Mon Sep 17 00:00:00 2001
|
||||
From: SaltyMilk <soufiane.elmelcaoui@gmail.com>
|
||||
Date: Mon, 10 Jul 2023 21:43:28 +0200
|
||||
Subject: [PATCH] fopen: optimize
|
||||
|
||||
Closes #11419
|
||||
---
|
||||
lib/fopen.c | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/lib/fopen.c b/lib/fopen.c
|
||||
index c9c9e3d6e..b6e3caddd 100644
|
||||
--- a/lib/fopen.c
|
||||
+++ b/lib/fopen.c
|
||||
@@ -56,13 +56,13 @@ CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
|
||||
int fd = -1;
|
||||
*tempname = NULL;
|
||||
|
||||
- if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) {
|
||||
- /* a non-regular file, fallback to direct fopen() */
|
||||
- *fh = fopen(filename, FOPEN_WRITETEXT);
|
||||
- if(*fh)
|
||||
- return CURLE_OK;
|
||||
+ *fh = fopen(filename, FOPEN_WRITETEXT);
|
||||
+ if(!*fh)
|
||||
goto fail;
|
||||
- }
|
||||
+ if(fstat(fileno(*fh), &sb) == -1 || !S_ISREG(sb.st_mode))
|
||||
+ return CURLE_OK;
|
||||
+ fclose(*fh);
|
||||
+ *fh = NULL;
|
||||
|
||||
result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix));
|
||||
if(result)
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
|
||||
Name: curl
|
||||
Version: 7.79.1
|
||||
Release: 22
|
||||
Release: 23
|
||||
Summary: Curl is used in command lines or scripts to transfer data
|
||||
License: MIT
|
||||
URL: https://curl.haxx.se/
|
||||
@ -72,6 +72,7 @@ Patch58: backport-test8-verify-that-ctrl-byte-cookies-are-ignored.patch
|
||||
Patch59: backport-test1948-verify-PUT-POST-reusing-the-same-handle.patch
|
||||
Patch60: backport-test387-verify-rejection-of-compression-chain-attack.patch
|
||||
Patch61: backport-hostcheck-fix-host-name-wildcard-checking.patch
|
||||
Patch62: backport-CVE-2023-32001.patch
|
||||
|
||||
BuildRequires: automake brotli-devel coreutils gcc groff krb5-devel
|
||||
BuildRequires: libidn2-devel libnghttp2-devel libpsl-devel
|
||||
@ -240,6 +241,12 @@ rm -rf ${RPM_BUILD_ROOT}%{_libdir}/libcurl.la
|
||||
%{_mandir}/man3/*
|
||||
|
||||
%changelog
|
||||
* Thu Jul 20 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-23
|
||||
- Type:CVE
|
||||
- CVE:CVE-2023-32001
|
||||
- SUG:NA
|
||||
- DESC:fix CVE-2023-32001
|
||||
|
||||
* Mon Jul 10 2023 zhouyihang <zhouyihang3@h-partners.com> - 7.79.1-22
|
||||
- Type:bugfix
|
||||
- CVE:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user