summaryrefslogtreecommitdiff
path: root/src/Makefile.inc
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2014-10-17 12:59:32 +0200
committerDaniel Stenberg <daniel@haxx.se>2014-11-05 08:05:14 +0100
commitb3875606925536f82fc61f3114ac42f29eaf6945 (patch)
tree229666d262222b2f34967e00fb5300ec69cda258 /src/Makefile.inc
parentd997c8b2f6521d78c6ef63411cfeb226f7927281 (diff)
downloadcurl-b3875606925536f82fc61f3114ac42f29eaf6945.tar.gz
curl_easy_duphandle: CURLOPT_COPYPOSTFIELDS read out of bounds
When duplicating a handle, the data to post was duplicated using strdup() when it could be binary and contain zeroes and it was not even zero terminated! This caused read out of bounds crashes/segfaults. Since the lib/strdup.c file no longer is easily shared with the curl tool with this change, it now uses its own version instead. Bug: http://curl.haxx.se/docs/adv_20141105.html CVE: CVE-2014-3707 Reported-By: Symeon Paraschoudis
Diffstat (limited to 'src/Makefile.inc')
-rw-r--r--src/Makefile.inc4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/Makefile.inc b/src/Makefile.inc
index 64d55ecf9..401a635ad 100644
--- a/src/Makefile.inc
+++ b/src/Makefile.inc
@@ -11,7 +11,6 @@
# the official API, but we re-use the code here to avoid duplication.
CURLX_CFILES = \
../lib/strtoofft.c \
- ../lib/strdup.c \
../lib/rawstr.c \
../lib/nonblock.c \
../lib/warnless.c
@@ -19,7 +18,6 @@ CURLX_CFILES = \
CURLX_HFILES = \
../lib/curl_setup.h \
../lib/strtoofft.h \
- ../lib/strdup.h \
../lib/rawstr.h \
../lib/nonblock.h \
../lib/warnless.h
@@ -55,6 +53,7 @@ CURL_CFILES = \
tool_panykey.c \
tool_paramhlp.c \
tool_parsecfg.c \
+ tool_strdup.c \
tool_setopt.c \
tool_sleep.c \
tool_urlglob.c \
@@ -99,6 +98,7 @@ CURL_HFILES = \
tool_setopt.h \
tool_setup.h \
tool_sleep.h \
+ tool_strdup.h \
tool_urlglob.h \
tool_util.h \
tool_version.h \