|
1 From cef510beb222ab5750afcac2c74fcbcdc31ada64 Mon Sep 17 00:00:00 2001 |
|
2 From: Daniel Stenberg <[email protected]> |
|
3 Date: Tue, 27 Sep 2016 18:01:53 +0200 |
|
4 Subject: [PATCH] connectionexists: use case sensitive user/password |
|
5 comparisons |
|
6 |
|
7 CVE-2016-8616 |
|
8 |
|
9 Bug: https://curl.haxx.se/docs/adv_20161102B.html |
|
10 Reported-by: Cure53 |
|
11 --- |
|
12 lib/url.c | 12 ++++++------ |
|
13 1 file changed, 6 insertions(+), 6 deletions(-) |
|
14 |
|
15 --- lib/url.c |
|
16 +++ lib/url.c |
|
17 @@ -3401,12 +3401,12 @@ ConnectionExists(struct Curl_easy *data, |
|
18 } |
|
19 |
|
20 if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) { |
|
21 /* This protocol requires credentials per connection, |
|
22 so verify that we're using the same name and password as well */ |
|
23 - if(!strequal(needle->user, check->user) || |
|
24 - !strequal(needle->passwd, check->passwd)) { |
|
25 + if(strcmp(needle->user, check->user) || |
|
26 + strcmp(needle->passwd, check->passwd)) { |
|
27 /* one of them was different */ |
|
28 continue; |
|
29 } |
|
30 } |
|
31 |
|
32 @@ -3462,12 +3462,12 @@ ConnectionExists(struct Curl_easy *data, |
|
33 already authenticating with the right credentials. If not, keep |
|
34 looking so that we can reuse NTLM connections if |
|
35 possible. (Especially we must not reuse the same connection if |
|
36 partway through a handshake!) */ |
|
37 if(wantNTLMhttp) { |
|
38 - if(!strequal(needle->user, check->user) || |
|
39 - !strequal(needle->passwd, check->passwd)) |
|
40 + if(strcmp(needle->user, check->user) || |
|
41 + strcmp(needle->passwd, check->passwd)) |
|
42 continue; |
|
43 } |
|
44 else if(check->ntlm.state != NTLMSTATE_NONE) { |
|
45 /* Connection is using NTLM auth but we don't want NTLM */ |
|
46 continue; |
|
47 @@ -3477,8 +3477,8 @@ ConnectionExists(struct SessionHandle *data, |
|
48 if(wantProxyNTLMhttp) { |
|
49 - if(!strequal(needle->proxyuser, check->proxyuser) || |
|
50 - !strequal(needle->proxypasswd, check->proxypasswd)) |
|
51 + if(strcmp(needle->proxyuser, check->proxyuser) || |
|
52 + strcmp(needle->proxypasswd, check->proxypasswd)) |
|
53 continue; |
|
54 } |
|
55 else if(check->proxyntlm.state != NTLMSTATE_NONE) { |
|
56 /* Proxy connection is using NTLM auth but we don't want NTLM */ |
|
57 continue; |
|
58 -- |
|
59 2.9.3 |
|
60 |