From b3ee26c5df75d97f6895e6ec4538894ebaf76e48 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Tue, 27 Sep 2016 18:01:53 +0200 Subject: connectionexists: use case sensitive user/password comparisons CVE-2016-8616 Bug: https://curl.haxx.se/docs/adv_20161102B.html Reported-by: Cure53 --- lib/url.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'lib') diff --git a/lib/url.c b/lib/url.c index 737d6bfed..b2490fe15 100644 --- a/lib/url.c +++ b/lib/url.c @@ -3394,8 +3394,8 @@ ConnectionExists(struct Curl_easy *data, if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) { /* This protocol requires credentials per connection, so verify that we're using the same name and password as well */ - if(!strequal(needle->user, check->user) || - !strequal(needle->passwd, check->passwd)) { + if(strcmp(needle->user, check->user) || + strcmp(needle->passwd, check->passwd)) { /* one of them was different */ continue; } @@ -3455,8 +3455,8 @@ ConnectionExists(struct Curl_easy *data, possible. (Especially we must not reuse the same connection if partway through a handshake!) */ if(wantNTLMhttp) { - if(!strequal(needle->user, check->user) || - !strequal(needle->passwd, check->passwd)) + if(strcmp(needle->user, check->user) || + strcmp(needle->passwd, check->passwd)) continue; } else if(check->ntlm.state != NTLMSTATE_NONE) { @@ -3470,8 +3470,8 @@ ConnectionExists(struct Curl_easy *data, if(!check->proxyuser || !check->proxypasswd) continue; - if(!strequal(needle->proxyuser, check->proxyuser) || - !strequal(needle->proxypasswd, check->proxypasswd)) + if(strcmp(needle->proxyuser, check->proxyuser) || + strcmp(needle->proxypasswd, check->proxypasswd)) continue; } else if(check->proxyntlm.state != NTLMSTATE_NONE) { -- cgit v1.2.3