aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2010-02-09 09:35:48 +0000
committerDaniel Stenberg <daniel@haxx.se>2010-02-09 09:35:48 +0000
commit06ae8ca5a6e452e5cb555c1a511a9df8dec6657c (patch)
tree4da3bde9c75aa774767e854132634386f6bac1d3 /src
parentd33da42334169ad2a1c94571fc51e3735973097b (diff)
- When downloading compressed content over HTTP and the app as asked libcurl
to automatically uncompress it with the CURLOPT_ENCODING option, libcurl could wrongly provide the callback with more data than what the maximum documented amount. An application could thus get tricked into badness if the maximum limit was trusted to be enforced by libcurl itself (as it is documented). This is further detailed and explained in the libcurl security advisory 20100209 at http://curl.haxx.se/docs/adv_20100209.html
Diffstat (limited to 'src')
0 files changed, 0 insertions, 0 deletions