curl: fix --local-port integer overflow

The tool's local port command line range parser didn't check for integer overflows and could pass "weird" data to libcurl for this option. libcurl however, has a strict range check for the values so it rejects anything outside of the accepted range. Reported-by: Brian Carpenter Closes #3242
author: Daniel Stenberg <daniel@haxx.se> 2018-11-05 11:57:29 +0100
committer: Daniel Stenberg <daniel@haxx.se> 2018-11-07 11:48:17 +0100
commit: 52db54869e628c5b13039ecc2b4757f8eb969834 (patch)
tree: 1d2958a5aa7fa1cace4e54c54e0ea92bd2b84883 /src/tool_operate.c
parent: bda4ef417a00c91e3a7829fdba4b0968dd62e497 (diff)
download: curl-52db54869e628c5b13039ecc2b4757f8eb969834.tar.gz
1 files changed, 2 insertions, 3 deletions
diff --git a/src/tool_operate.c b/src/tool_operate.c
index 5a72b6a8c..46ca316f9 100644
--- a/src/tool_operate.c
+++ b/src/tool_operate.c
@@ -1371,9 +1371,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
 
         /* curl 7.15.2 */
         if(config->localport) {
-          my_setopt(curl, CURLOPT_LOCALPORT, (long)config->localport);
-          my_setopt_str(curl, CURLOPT_LOCALPORTRANGE,
-                        (long)config->localportrange);
+          my_setopt(curl, CURLOPT_LOCALPORT, config->localport);
+          my_setopt_str(curl, CURLOPT_LOCALPORTRANGE, config->localportrange);
         }
 
         /* curl 7.15.5 */
author	Daniel Stenberg <daniel@haxx.se>	2018-11-05 11:57:29 +0100
committer	Daniel Stenberg <daniel@haxx.se>	2018-11-07 11:48:17 +0100
commit	52db54869e628c5b13039ecc2b4757f8eb969834 (patch)
tree	1d2958a5aa7fa1cace4e54c54e0ea92bd2b84883 /src/tool_operate.c
parent	bda4ef417a00c91e3a7829fdba4b0968dd62e497 (diff)
download	curl-52db54869e628c5b13039ecc2b4757f8eb969834.tar.gz