diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2019-07-15 23:52:43 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2019-07-16 11:25:08 +0200 |
| commit | 952998cbdb86a6b177881a013021c588a53e5801 (patch) | |
| tree | 38b41a79c721f111659ec49e524af5718a9affb1 | |
| parent | 275b74a53d47174fcc29bab2fc23f599e1205f41 (diff) | |
| download | curl-952998cbdb86a6b177881a013021c588a53e5801.tar.gz | |
curl: only accept COLUMNS less than 10000
... as larger values would rather indicate something silly (and could
potentially cause buffer problems).
Reported-by: pendrek at hackerone
Closes #4114
| -rw-r--r-- | src/tool_cb_prg.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c index 05fe0e636..a18827c8b 100644 --- a/src/tool_cb_prg.c +++ b/src/tool_cb_prg.c @@ -210,7 +210,8 @@ void progressbarinit(struct ProgressData *bar, if(colp) { char *endptr; long num = strtol(colp, &endptr, 10); - if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20)) + if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20) && + (num < 10000)) bar->width = (int)num; curl_free(colp); } |