Hi Mark, On Wed, May 13, 2026 at 10:18 AM Mark Wielaard <[email protected]> wrote: > > Guard against bad servers. Older libcurl allowed unlimited > redirects. Newer libcurl default to max 30. Explicitly set > CURLOPT_MAXREDIRS to 6 (twice the number of redirects that seems > "reasonable"). This guards against badly setup servers that keep > redirecting. https://curl.se/libcurl/c/CURLOPT_MAXREDIRS.html > > * debuginfod/debuginfod-client.c (init_handle): Add > CURLOPT_MAXREDIRS curl_easy_setopt_ck. > > Signed-off-by: Mark Wielaard <[email protected]>
LGTM. If max 6 redirects turns out to be insufficient for some use cases, then we can revisit this. Aaron > --- > debuginfod/debuginfod-client.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c > index fb9ad82f7f5d..6340c8c27a4f 100644 > --- a/debuginfod/debuginfod-client.c > +++ b/debuginfod/debuginfod-client.c > @@ -1008,6 +1008,7 @@ init_handle(debuginfod_client *client, > } > curl_easy_setopt_ck(data->handle, CURLOPT_FILETIME, (long) 1); > curl_easy_setopt_ck(data->handle, CURLOPT_FOLLOWLOCATION, (long) 1); > + curl_easy_setopt_ck(data->handle, CURLOPT_MAXREDIRS, (long) 6); > curl_easy_setopt_ck(data->handle, CURLOPT_FAILONERROR, (long) 1); > curl_easy_setopt_ck(data->handle, CURLOPT_NOSIGNAL, (long) 1); > if (h_callback) > -- > 2.53.0 >
