curl / Mailing Lists / curl-library / Single Mail

Buy commercial curl support. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder Daniel himself.

Re: Some question about CVE-2022-35260

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Daniel Stenberg via curl-library <curl-library_at_lists.haxx.se>
Date: Thu, 2 Jan 2025 10:48:11 +0100 (CET)

On Thu, 2 Jan 2025, 陈星杵 via curl-library wrote:

> Hello! As stated on the website，the root cause about CVE-2022-35260[1] is
> the fgets lack the check of '\n', so curl can read past the end of the
> stack-based buffer. On this basis, I think the root cause is the line 85 of
> the patch, but the website show me the eeaae10c0fb27aa06[2] is the
> Vulnerability introduced commit. I want to know Where did my understanding
> go wrong.

Since both those commits were introcued in the same curl version, 7.84.0, I
don't think it is worth wasting energy on.

If you really want to be sure, I would advice you to write a reproducer test
case and run againt both versions to see which ones that can trigger the
problem.

--
  / daniel.haxx.se || https://rock-solid.curl.dev

-- 
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette:   https://curl.se/mail/etiquette.html

Received on 2025-01-02

This message: [ Message body ]
Next message: Daniel Stenberg via curl-library: "Re: Some question about CVE-2019-3823"
Previous message: 陈星杵 via curl-library: "Some question about CVE-2022-35260"
In reply to: 陈星杵 via curl-library: "Some question about CVE-2022-35260"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]