From 4e2ac2afa94f014a2a015c48c678e2367a63ae82 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <[email protected]>
Date: Thu, 25 Dec 2014 23:55:03 +0100
Subject: [PATCH] url-parsing: reject CRLFs within URLs
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
---
lib/url.c | 7 +++++++
1 file changed, 7 insertions(+)
This fix is already available upstream in curl version 7.40.0
--- lib/url.c.orig 2015-01-05 17:12:46.302124082 -0800
+++ lib/url.c 2015-01-05 17:13:15.299976184 -0800
@@ -3545,6 +3545,13 @@
*prot_missing = FALSE;
+ /* We might pass the entire URL into the request so we need to make sure
+ * there are no bad characters in there.*/
+ if(strpbrk(data->change.url, "\r\n")) {
+ failf(data, "Illegal characters found in URL");
+ return CURLE_URL_MALFORMAT;
+ }
+
/*************************************************************
* Parse the URL.
*