diff options
| author | Daniel Stenberg <daniel@haxx.se> | 2021-07-05 17:13:29 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-07-05 22:49:12 +0200 |
| commit | a62ece3f57d0097b25a2010056336324d8e4423c (patch) | |
| tree | 1ea655a5007ea65f77b046de1e1da310b0735fce /lib/c-hyper.c | |
| parent | 0965348cd8ebc8dc124a51b3cb8a245063ae656a (diff) | |
| download | curl-a62ece3f57d0097b25a2010056336324d8e4423c.tar.gz | |
c-hyper: bail on too long response headers
To match with built-in behaviors. Makes test 1154 work.
Closes #7350
Diffstat (limited to 'lib/c-hyper.c')
| -rw-r--r-- | lib/c-hyper.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/c-hyper.c b/lib/c-hyper.c index e5b352c99..7a22007ce 100644 --- a/lib/c-hyper.c +++ b/lib/c-hyper.c @@ -126,6 +126,12 @@ static int hyper_each_header(void *userdata, CURLcode result; int writetype; + if(name_len + value_len + 2 > CURL_MAX_HTTP_HEADER) { + failf(data, "Too long response header"); + data->state.hresult = CURLE_OUT_OF_MEMORY; + return HYPER_ITER_BREAK; + } + if(!data->req.bytecount) Curl_pgrsTime(data, TIMER_STARTTRANSFER); |