diff options
Diffstat (limited to 'www/curl/patches/patch-be')
| -rw-r--r-- | www/curl/patches/patch-be | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/www/curl/patches/patch-be b/www/curl/patches/patch-be new file mode 100644 index 00000000000..1930af54371 --- /dev/null +++ b/www/curl/patches/patch-be @@ -0,0 +1,27 @@ +$NetBSD: patch-be,v 1.1.2.2 2012/01/28 06:26:19 sbd Exp $ + +CVE-2012-0036 + +--- lib/smtp.c.orig 2011-11-04 22:32:57.000000000 +0000 ++++ lib/smtp.c +@@ -1243,7 +1243,6 @@ static CURLcode smtp_connect(struct conn + struct SessionHandle *data = conn->data; + struct pingpong *pp = &smtpc->pp; + const char *path = conn->data->state.path; +- int len; + char localhost[HOSTNAME_MAX + 1]; + + *done = FALSE; /* default to not done yet */ +@@ -1315,9 +1314,9 @@ static CURLcode smtp_connect(struct conn + } + + /* url decode the path and use it as domain with EHLO */ +- smtpc->domain = curl_easy_unescape(conn->data, path, 0, &len); +- if(!smtpc->domain) +- return CURLE_OUT_OF_MEMORY; ++ result = Curl_urldecode(conn->data, path, 0, &smtpc->domain, NULL, TRUE); ++ if(result) ++ return result; + + /* When we connect, we start in the state where we await the server greeting + */ |