cURL / Mailing Lists / curl-users / Single Mail


Re: endless loop on redirect (with patch)

From: Daniel Stenberg <>
Date: Thu, 10 May 2001 15:00:22 +0200 (MET DST)

On Thu, 10 May 2001, Cris Bailiff wrote:

> This is likely to be a problem in other headers as well - white space is
> allowed anywhere within the headers, and is all equivalent. I haven't
> examined all the others, but I suspect ranges and 'Transfer-Encoding' may
> also be trouble.

Indeed, this problem exists on serveral places in Tranfer() (lib/transfer.c).

A good solution is probably to split up the comparisons from checking
strnequal(headerline, "header: content", length) as one string into a check
that splits the header and the content and checks them separately, like:
compareheader(headerline, "header", "content").

However, curl has had this "flaw" since the beginning and it was only found
yesterday. It proves how minor this problem actually is...

  Daniel Stenberg -- curl project maintainer --
Received on 2001-05-10