Commit c9332fa5 authored by Even Rouault's avatar Even Rouault Committed by Daniel Stenberg
Browse files

file: output the correct buffer to the user 

Regression brought by 7c312f84 (April 2017)

CVE-2017-1000099

Bug: https://curl.haxx.se/docs/adv_20170809C.html

Credit to OSS-Fuzz for the discovery
parent fa489873

lib/file.c

+1 −1
Original line number Diff line number Diff line
@@ -501,7 +501,7 @@ static CURLcode file_do(struct connectdata *conn, bool *done) 
             tm->tm_hour,

             tm->tm_min,

             tm->tm_sec);

    result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0);

    result = Curl_client_write(conn, CLIENTWRITE_BOTH, header, 0);

    if(!result)

      /* set the file size to make it available post transfer */

      Curl_pgrsSetDownloadSize(data, expected_size);