diff options
Diffstat (limited to 'meta/recipes-support/curl/curl/CVE-2022-27774-1.patch')
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2022-27774-1.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch b/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch new file mode 100644 index 0000000000..063c11712a --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-27774-1.patch | |||
@@ -0,0 +1,45 @@ | |||
1 | From 2a797e099731facf62a2c675396334bc2ad3bc7c Mon Sep 17 00:00:00 2001 | ||
2 | From: Daniel Stenberg <daniel@haxx.se> | ||
3 | Date: Mon, 25 Apr 2022 16:24:33 +0200 | ||
4 | Subject: [PATCH] connect: store "conn_remote_port" in the info struct | ||
5 | |||
6 | To make it available after the connection ended. | ||
7 | |||
8 | Prerequisite for the patches that address CVE-2022-27774. | ||
9 | |||
10 | Upstream-Status: Backport [https://github.com/curl/curl/commit/08b8ef4e726ba10f45081ecda5b3cea788d3c839] | ||
11 | Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> | ||
12 | --- | ||
13 | lib/connect.c | 1 + | ||
14 | lib/urldata.h | 6 +++++- | ||
15 | 2 files changed, 6 insertions(+), 1 deletion(-) | ||
16 | |||
17 | diff --git a/lib/connect.c b/lib/connect.c | ||
18 | index b3d4057..a977d67 100644 | ||
19 | --- a/lib/connect.c | ||
20 | +++ b/lib/connect.c | ||
21 | @@ -624,6 +624,7 @@ void Curl_persistconninfo(struct connectdata *conn) | ||
22 | conn->data->info.conn_scheme = conn->handler->scheme; | ||
23 | conn->data->info.conn_protocol = conn->handler->protocol; | ||
24 | conn->data->info.conn_primary_port = conn->primary_port; | ||
25 | + conn->data->info.conn_remote_port = conn->remote_port; | ||
26 | conn->data->info.conn_local_port = conn->local_port; | ||
27 | } | ||
28 | |||
29 | diff --git a/lib/urldata.h b/lib/urldata.h | ||
30 | index fafb7a3..ab1b267 100644 | ||
31 | --- a/lib/urldata.h | ||
32 | +++ b/lib/urldata.h | ||
33 | @@ -1148,7 +1148,11 @@ struct PureInfo { | ||
34 | reused, in the connection cache. */ | ||
35 | |||
36 | char conn_primary_ip[MAX_IPADR_LEN]; | ||
37 | - long conn_primary_port; | ||
38 | + long conn_primary_port; /* this is the destination port to the connection, | ||
39 | + which might have been a proxy */ | ||
40 | + long conn_remote_port; /* this is the "remote port", which is the port | ||
41 | + number of the used URL, independent of proxy or | ||
42 | + not */ | ||
43 | char conn_local_ip[MAX_IPADR_LEN]; | ||
44 | long conn_local_port; | ||
45 | const char *conn_scheme; | ||