openkylin
/
curl
mirror of https://gitee.com/openkylin/curl.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

Repair CVE-2021-22876

This commit is contained in:
liwenjie 2022-11-07 10:00:33 +08:00 committed by handsome_feng
parent 4915f017ee
commit dfd3f7bbda
1 changed files with 23 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
lib/transfer.c
View File

@ -1572,6 +1572,9 @@ CURLcode Curl_follow(struct Curl_easy *data,
data->set.followlocation++; /* count location-followers */
if(data->set.http_auto_referer) {
CURLU *u;
char *referer;
/* We are asked to automatically set the previous URL as the referer
when we get the next URL. We pick the ->url field, which may or may
not be 100% correct */
@ -1581,9 +1584,27 @@ CURLcode Curl_follow(struct Curl_easy *data,
data->change.referer_alloc = FALSE;
}
data->change.referer = strdup(data->change.url);
if(!data->change.referer)
/* Make a copy of the URL without crenditals and fragment */
u = curl_url();
if(!u)
return CURLE_OUT_OF_MEMORY;
uc = curl_url_set(u, CURLUPART_URL, data->change.url, 0);
if(!uc)
uc = curl_url_set(u, CURLUPART_FRAGMENT, NULL, 0);
if(!uc)
uc = curl_url_set(u, CURLUPART_USER, NULL, 0);
if(!uc)
uc = curl_url_set(u, CURLUPART_PASSWORD, NULL, 0);
if(!uc)
uc = curl_url_get(u, CURLUPART_URL, &referer, 0);
curl_url_cleanup(u);
if(uc || referer == NULL)
return CURLE_OUT_OF_MEMORY;
data->change.referer = referer;
data->change.referer_alloc = TRUE; /* yes, free this later */
}
}