mqtt: clear the leftovers pointer when sending succeeds

CVE-2021-22945 Bug: https://curl.se/docs/CVE-2021-22945.html
author: z2_ on hackerone <> 2021-08-24 09:50:33 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2021-09-13 16:51:31 +0200
commit: 43157490a5054bd24256fe12876931e8abc9df49 (patch)
tree: 83cd3e74980183c82e0230b92ed0164688ea5cbe /lib
parent: 409a4412409371db00af0a3fe987e517bfab3d19 (diff)
download: curl-43157490a5054bd24256fe12876931e8abc9df49.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/mqtt.c b/lib/mqtt.c
index f077e6c3d..fcd40b41e 100644
--- a/lib/mqtt.c
+++ b/lib/mqtt.c
@@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data,
     mq->sendleftovers = sendleftovers;
     mq->nsend = nsend;
   }
+  else {
+    mq->sendleftovers = NULL;
+    mq->nsend = 0;
+  }
   return result;
 }
author	z2_ on hackerone <>	2021-08-24 09:50:33 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2021-09-13 16:51:31 +0200
commit	43157490a5054bd24256fe12876931e8abc9df49 (patch)
tree	83cd3e74980183c82e0230b92ed0164688ea5cbe /lib
parent	409a4412409371db00af0a3fe987e517bfab3d19 (diff)
download	curl-43157490a5054bd24256fe12876931e8abc9df49.tar.gz