| author | Daniel Stenberg <daniel@haxx.se> | 2018-05-18 16:48:13 +0200 | 
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2018-05-18 23:33:44 +0200 | 
| commit | 404c8850da5a677638959f4e38bb7692cb887d3a (patch) | |
| tree | 0cc2d3399ba189df38e83536b42a1f837da27aec | |
| parent | 27aebcc1d1a0825af6e812f86bf5eaf510f610d1 (diff) | |
curl_fnmatch: only allow two asterisks for matching
The previous limit of 5 can still end up in a situation that takes a very
long time and consumes a lot of CPU.
If there is still a rare use case for this, a user can provide their own
fnmatch callback for a version that allows a larger set of wildcards.
This commit was triggered by yet another OSS-Fuzz timeout due to this.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369
Closes #2587
| -rw-r--r-- | docs/libcurl/opts/CURLOPT_WILDCARDMATCH.3 | 4 | ||||
| -rw-r--r-- | lib/curl_fnmatch.c | 2 | ||||
| -rw-r--r-- | tests/unit/unit1307.c | 4 | 
3 files changed, 3 insertions, 7 deletions
diff --git a/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.3 b/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.3
index 1ca1bedd4..da1fea9fb 100644
--- a/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.3
+++ b/docs/libcurl/opts/CURLOPT_WILDCARDMATCH.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -41,7 +41,7 @@ A brief introduction of its syntax follows:
 .RS
 .IP "* - ASTERISK"
 \&ftp://example.com/some/path/\fB*.txt\fP (for all txt's from the root
-directory)
+directory). Only two asterisks are allowed within the same pattern string.
 .RE
 .RS
 .IP "? - QUESTION MARK"
diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c
index 0179a4f71..268fe79b3 100644
--- a/lib/curl_fnmatch.c
+++ b/lib/curl_fnmatch.c
@@ -355,5 +355,5 @@ int Curl_fnmatch(void *ptr, const char *pattern, const char *string)
   if(!pattern || !string) {
     return CURL_FNMATCH_FAIL;
   }
-  return loop((unsigned char *)pattern, (unsigned char *)string, 5);
+  return loop((unsigned char *)pattern, (unsigned char *)string, 2);
 }
diff --git a/tests/unit/unit1307.c b/tests/unit/unit1307.c
index 0d2257bf0..5f60332b8 100644
--- a/tests/unit/unit1307.c
+++ b/tests/unit/unit1307.c
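Review bot: The new wildcard limit in `Curl_fnmatch` is a bare literal `2` in the `loop(...)` call, while the man page in this same commit states the number in prose, so the two can drift apart without anyone noticing. A named constant with a why-comment keeps the reason next to the value, for example `#define FNMATCH_MAX_STARS 2 /* more asterisks let a crafted pattern burn CPU for a very long time */` (the name is only a suggestion) used as `return loop((unsigned char *)pattern, (unsigned char *)string, FNMATCH_MAX_STARS);`. The hunk does not show what `loop` returns once the limit is exceeded. If it is a plain no-match, the NOMATCH cases kept in tests/unit/unit1307.c that contain more than two unescaped asterisks presumably now pass because of the limit rather than the mismatch, so a case that pins the limit itself would be worth adding. The start of `Curl_fnmatch` lies outside the hunk.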
@@ -185,11 +185,7 @@ static const struct testcase tests[] = {
   { "\\?.txt",                  "x.txt",                  NOMATCH },
   { "\\*.txt",                  "x.txt",                  NOMATCH },
   { "\\*\\\\.txt",              "*\\.txt",                MATCH },
-  { "*\\**\\?*\\\\*",           "cc*cc?cc\\cc*cc",        MATCH },
   { "*\\**\\?*\\\\*",           "cc*cc?cccc",             NOMATCH },
-  { "*\\**\\?*\\\\*",           "cc*cc?cc\\cc*cc",        MATCH },
-  { "*\\?*\\**",                "cc?c*c",                 MATCH },
-  { "*\\?*\\**curl*",           "cc?c*curl",              MATCH },
   { "*\\?*\\**",                "cc?cc",                  NOMATCH },
   { "\\\"\\$\\&\\'\\(\\)",      "\"$&'()",                MATCH },
   { "\\*\\?\\[\\\\\\`\\|",      "*?[\\`|",                MATCH },  | 
