diff options
author | Daniel Stenberg <daniel@haxx.se> | 2014-12-25 23:55:03 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2015-01-07 22:55:56 +0100 |
commit | 178bd7db34f77e020fb8562890c5625ccbd67093 (patch) | |
tree | 91533e1b0acddc41456cc249c9150a033f9bf95a | |
parent | f7d5ecec9c99d283a9a196eca88ba70560321eaf (diff) |
url-parsing: reject CRLFs within URLs
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Reported-by: Andrey Labunets
-rw-r--r-- | lib/url.c | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -3842,6 +3842,13 @@ static CURLcode parseurlandfillconn(struct SessionHandle *data, *prot_missing = FALSE; + /* We might pass the entire URL into the request so we need to make sure + * there are no bad characters in there.*/ + if(strpbrk(data->change.url, "\r\n")) { + failf(data, "Illegal characters found in URL"); + return CURLE_URL_MALFORMAT; + } + /************************************************************* * Parse the URL. * |