diff options
author | Robert Scott <code@humanleg.org.uk> | 2021-09-27 22:10:21 +0100 |
---|---|---|
committer | Robert Scott <code@humanleg.org.uk> | 2021-09-28 18:23:01 +0100 |
commit | 13f8720032ee3bcd3c9c6e01e7a23e03b19de671 (patch) | |
tree | 276737acd0fcc01a7fb443deb26acbd2731293fc /pkgs/tools/networking/curl | |
parent | e667988cc3b6e9b6bb732a45c6094393509419d6 (diff) | |
download | nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.tar nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.tar.gz nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.tar.bz2 nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.tar.lz nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.tar.xz nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.tar.zst nixpkgs-13f8720032ee3bcd3c9c6e01e7a23e03b19de671.zip |
curl: add patch for CVE-2021-22945
included as all curl patches need to be in-repo due to bootstrapping issues
Diffstat (limited to 'pkgs/tools/networking/curl')
-rw-r--r-- | pkgs/tools/networking/curl/CVE-2021-22945.patch | 27 | ||||
-rw-r--r-- | pkgs/tools/networking/curl/default.nix | 1 |
2 files changed, 28 insertions, 0 deletions
diff --git a/pkgs/tools/networking/curl/CVE-2021-22945.patch b/pkgs/tools/networking/curl/CVE-2021-22945.patch new file mode 100644 index 00000000000..f8e570d2d65 --- /dev/null +++ b/pkgs/tools/networking/curl/CVE-2021-22945.patch @@ -0,0 +1,27 @@ +From 43157490a5054bd24256fe12876931e8abc9df49 Mon Sep 17 00:00:00 2001 +From: z2_ on hackerone <> +Date: Tue, 24 Aug 2021 09:50:33 +0200 +Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds + +CVE-2021-22945 + +Bug: https://curl.se/docs/CVE-2021-22945.html +--- + lib/mqtt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/mqtt.c b/lib/mqtt.c +index f077e6c3dc44..fcd40b41e600 100644 +--- a/lib/mqtt.c ++++ b/lib/mqtt.c +@@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data, + mq->sendleftovers = sendleftovers; + mq->nsend = nsend; + } ++ else { ++ mq->sendleftovers = NULL; ++ mq->nsend = 0; ++ } + return result; + } + diff --git a/pkgs/tools/networking/curl/default.nix b/pkgs/tools/networking/curl/default.nix index b3572e01c96..7d6b96ac9f0 100644 --- a/pkgs/tools/networking/curl/default.nix +++ b/pkgs/tools/networking/curl/default.nix @@ -57,6 +57,7 @@ stdenv.mkDerivation rec { ./CVE-2021-22897.patch ./CVE-2021-22898.patch ./CVE-2021-22901.patch + ./CVE-2021-22945.patch ]; outputs = [ "bin" "dev" "out" "man" "devdoc" ]; |