1 files changed, 67 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2020-8177.patch b/meta/recipes-support/curl/curl/CVE-2020-8177.patch
new file mode 100644
index 0000000000..4f14fa2306
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2020-8177.patch
@@ -0,0 +1,67 @@
+From 8236aba58542c5f89f1d41ca09d84579efb05e22 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Sun, 31 May 2020 23:09:59 +0200
+Subject: [PATCH] tool_getparam: -i is not OK if -J is used
+Reported-by: sn on hackerone
+Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
+Upstream-Status: Backport
+CVE:CVE-2020-8177
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ src/tool_cb_hdr.c   | 22 ++++------------------
+ src/tool_getparam.c |  5 +++++
+ 2 files changed, 9 insertions(+), 18 deletions(-)
+Index: curl-7.69.1/src/tool_cb_hdr.c
+===================================================================
+--- curl-7.69.1.orig/src/tool_cb_hdr.c
+++ curl-7.69.1/src/tool_cb_hdr.c
+@@ -186,25 +186,11 @@ size_t tool_header_cb(char *ptr, size_t
+       filename = parse_filename(p, len);
+       if(filename) {
+         if(outs->stream) {
+-          int rc;
+-          /* already opened and possibly written to */
+-          if(outs->fopened)
+-            fclose(outs->stream);
+-          outs->stream = NULL;
+-
+-          /* rename the initial file name to the new file name */
+-          rc = rename(outs->filename, filename);
+-          if(rc != 0) {
+-            warnf(per->config->global, "Failed to rename %s -> %s: %s\n",
+-                  outs->filename, filename, strerror(errno));
+-          }
+-          if(outs->alloc_filename)
+-            Curl_safefree(outs->filename);
+-          if(rc != 0) {
+-            free(filename);
+-            return failure;
+-          }
+          /* indication of problem, get out! */
+          free(filename);
+          return failure;
+         }
+
+         outs->is_cd_filename = TRUE;
+         outs->s_isreg = TRUE;
+         outs->fopened = FALSE;
+Index: curl-7.69.1/src/tool_getparam.c
+===================================================================
+--- curl-7.69.1.orig/src/tool_getparam.c
+++ curl-7.69.1/src/tool_getparam.c
+@@ -1807,6 +1807,11 @@ ParameterError getparameter(const char *
+       }
+       break;
+     case 'i':
+      if(config->content_disposition) {
+        warnf(global,
+              "--include and --remote-header-name cannot be combined.\n");
+        return PARAM_BAD_USE;
+      }
+       config->show_headers = toggle; /* show the headers as well in the
+                                         general output stream */
+       break;

diff --git a/meta/recipes-support/curl/curl/CVE-2020-8177.patch b/meta/recipes-support/curl/curl/CVE-2020-8177.patch new file mode 100644 index 0000000000..4f14fa2306 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2020-8177.patch
@@ -0,0 +1,67 @@
	1	From 8236aba58542c5f89f1d41ca09d84579efb05e22 Mon Sep 17 00:00:00 2001
	2	From: Daniel Stenberg <daniel@haxx.se>
	3	Date: Sun, 31 May 2020 23:09:59 +0200
	4	Subject: [PATCH] tool_getparam: -i is not OK if -J is used
	5
	6	Reported-by: sn on hackerone
	7	Bug: https://curl.haxx.se/docs/CVE-2020-8177.html
	8
	9	Upstream-Status: Backport
	10	CVE:CVE-2020-8177
	11	Signed-off-by: Armin Kuster <akuster@mvista.com>
	12
	13	---
	14	src/tool_cb_hdr.c \| 22 ++++------------------
	15	src/tool_getparam.c \| 5 +++++
	16	2 files changed, 9 insertions(+), 18 deletions(-)
	17
	18	Index: curl-7.69.1/src/tool_cb_hdr.c
	19	===================================================================
	20	--- curl-7.69.1.orig/src/tool_cb_hdr.c
	21	+++ curl-7.69.1/src/tool_cb_hdr.c
	22	@@ -186,25 +186,11 @@ size_t tool_header_cb(char *ptr, size_t
	23	filename = parse_filename(p, len);
	24	if(filename) {
	25	if(outs->stream) {
	26	- int rc;
	27	- /* already opened and possibly written to */
	28	- if(outs->fopened)
	29	- fclose(outs->stream);
	30	- outs->stream = NULL;
	31	-
	32	- /* rename the initial file name to the new file name */
	33	- rc = rename(outs->filename, filename);
	34	- if(rc != 0) {
	35	- warnf(per->config->global, "Failed to rename %s -> %s: %s\n",
	36	- outs->filename, filename, strerror(errno));
	37	- }
	38	- if(outs->alloc_filename)
	39	- Curl_safefree(outs->filename);
	40	- if(rc != 0) {
	41	- free(filename);
	42	- return failure;
	43	- }
	44	+ /* indication of problem, get out! */
	45	+ free(filename);
	46	+ return failure;
	47	}
	48	+
	49	outs->is_cd_filename = TRUE;
	50	outs->s_isreg = TRUE;
	51	outs->fopened = FALSE;
	52	Index: curl-7.69.1/src/tool_getparam.c
	53	===================================================================
	54	--- curl-7.69.1.orig/src/tool_getparam.c
	55	+++ curl-7.69.1/src/tool_getparam.c
	56	@@ -1807,6 +1807,11 @@ ParameterError getparameter(const char *
	57	}
	58	break;
	59	case 'i':
	60	+ if(config->content_disposition) {
	61	+ warnf(global,
	62	+ "--include and --remote-header-name cannot be combined.\n");
	63	+ return PARAM_BAD_USE;
	64	+ }
	65	config->show_headers = toggle; /* show the headers as well in the
	66	general output stream */
	67	break;