FTP: zero terminate the entry path even on bad input (5ff2c5ff) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

Unverified Commit 5ff2c5ff authored Sep 25, 2017 by

Daniel Stenberg

FTP: zero terminate the entry path even on bad input

... a single double quote could leave the entry path buffer without a zero
terminating byte. CVE-2017-1000254

Test 1152 added to verify.

Reported-by: Max Dymond
Bug: https://curl.haxx.se/docs/adv_20171004.html

parent 440dbcb0

Hide whitespace changes

Inline Side-by-side

Please register or to comment