aboutsummaryrefslogtreecommitdiffstats
path: root/main/curl/CVE-2022-27775.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/curl/CVE-2022-27775.patch')
-rw-r--r--main/curl/CVE-2022-27775.patch35
1 files changed, 35 insertions, 0 deletions
diff --git a/main/curl/CVE-2022-27775.patch b/main/curl/CVE-2022-27775.patch
new file mode 100644
index 00000000000..e1c02b8969d
--- /dev/null
+++ b/main/curl/CVE-2022-27775.patch
@@ -0,0 +1,35 @@
+Patch-Source: https://github.com/curl/curl/commit/058f98dc3fe595f21dc26a5b9b1699e519ba5705
+From 058f98dc3fe595f21dc26a5b9b1699e519ba5705 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 25 Apr 2022 11:48:00 +0200
+Subject: [PATCH] conncache: include the zone id in the "bundle" hashkey
+
+Make connections to two separate IPv6 zone ids create separate
+connections.
+
+Reported-by: Harry Sintonen
+Bug: https://curl.se/docs/CVE-2022-27775.html
+Closes #8747
+---
+ lib/conncache.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/lib/conncache.c b/lib/conncache.c
+index ec669b971dc3..8948b53fa500 100644
+--- a/lib/conncache.c
++++ b/lib/conncache.c
+@@ -155,8 +155,12 @@ static void hashkey(struct connectdata *conn, char *buf,
+ /* report back which name we used */
+ *hostp = hostname;
+
+- /* put the number first so that the hostname gets cut off if too long */
+- msnprintf(buf, len, "%ld%s", port, hostname);
++ /* put the numbers first so that the hostname gets cut off if too long */
++#ifdef ENABLE_IPV6
++ msnprintf(buf, len, "%u/%ld/%s", conn->scope_id, port, hostname);
++#else
++ msnprintf(buf, len, "%ld/%s", port, hostname);
++#endif
+ Curl_strntolower(buf, buf, len);
+ }
+