aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2019-07-15 23:52:43 +0200
committerDaniel Stenberg <daniel@haxx.se>2019-07-16 11:25:08 +0200
commit952998cbdb86a6b177881a013021c588a53e5801 (patch)
tree38b41a79c721f111659ec49e524af5718a9affb1
parent275b74a53d47174fcc29bab2fc23f599e1205f41 (diff)
curl: only accept COLUMNS less than 10000
... as larger values would rather indicate something silly (and could potentially cause buffer problems). Reported-by: pendrek at hackerone Closes #4114
-rw-r--r--src/tool_cb_prg.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index 05fe0e636..a18827c8b 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -210,7 +210,8 @@ void progressbarinit(struct ProgressData *bar,
if(colp) {
char *endptr;
long num = strtol(colp, &endptr, 10);
- if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20))
+ if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20) &&
+ (num < 10000))
bar->width = (int)num;
curl_free(colp);
}