On Thu, 2 Jan 2025, 陈星杵 via curl-library wrote:
Hello! As stated on the website,the root cause about CVE-2022-35260[1] is
the fgets lack the check of '\n', so curl can read past the end of the
stack-based buffer. On this basis, I think the root cause is the line 85 of
the patch, but the website show me the eeaae10c0fb27aa06[2] is the
Vulnerability introduced commit. I want to know Where did my understanding
go wrong.
Since both those commits were introcued in the same curl version, 7.84.0, I
don't think it is worth wasting energy on.
If you really want to be sure, I would advice you to write a reproducer test
case and run againt both versions to see which ones that can trigger the
problem.
--
/ daniel.haxx.se || https://rock-solid.curl.dev
--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
