curl: only accept COLUMNS less than 10000

... as larger values would rather indicate something silly (and could potentially cause buffer problems). Reported-by: pendrek at hackerone Closes #4114
author: Daniel Stenberg <daniel@haxx.se> 2019-07-15 23:52:43 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2019-07-16 11:25:08 +0200
commit: 952998cbdb86a6b177881a013021c588a53e5801 (patch)
tree: 38b41a79c721f111659ec49e524af5718a9affb1
parent: 275b74a53d47174fcc29bab2fc23f599e1205f41 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index 05fe0e636..a18827c8b 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -210,7 +210,8 @@ void progressbarinit(struct ProgressData *bar,
   if(colp) {
     char *endptr;
     long num = strtol(colp, &endptr, 10);
-    if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20))
+    if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20) &&
+       (num < 10000))
       bar->width = (int)num;
     curl_free(colp);
   }
author	Daniel Stenberg <daniel@haxx.se>	2019-07-15 23:52:43 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2019-07-16 11:25:08 +0200
commit	952998cbdb86a6b177881a013021c588a53e5801 (patch)
tree	38b41a79c721f111659ec49e524af5718a9affb1
parent	275b74a53d47174fcc29bab2fc23f599e1205f41 (diff)