diff options
author | Major_Tom <9447735+MajorTomSec@users.noreply.github.com> | 2020-05-13 21:41:27 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2020-05-14 08:36:35 +0200 |
commit | 8e762199b094cd77fcd636fee2c503a5b00d0d2e (patch) | |
tree | 0d6b0efca1db4ce335ef389bd66cb4689212b03e /docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3 | |
parent | f9983a6f9eb5314ad1a788d06929f6763ada6204 (diff) |
vauth/cleartext: fix theoretical integer overflow
Fix theoretical integer overflow in Curl_auth_create_plain_message.
The security impact of the overflow was discussed on hackerone. We
agreed this is more of a theoretical vulnerability, as the integer
overflow would only be triggerable on systems using 32-bits size_t with
over 4GB of available memory space for the process.
Closes #5391
Diffstat (limited to 'docs/libcurl/opts/CURLMOPT_TIMERFUNCTION.3')
0 files changed, 0 insertions, 0 deletions