summaryrefslogtreecommitdiff
path: root/src/lib/exchange_api_curl_defaults.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2020-02-29 16:54:58 +0100
committerChristian Grothoff <christian@grothoff.org>2020-02-29 16:54:58 +0100
commitcdc8c5b57bb5992b7afe5c9f36e5e286a930dff8 (patch)
tree1c06e31f5d8921373515a7594802451e305b5bc0 /src/lib/exchange_api_curl_defaults.c
parent0a2b049864c8dae0c53c203d46fca89e0e66849d (diff)
downloadexchange-cdc8c5b57bb5992b7afe5c9f36e5e286a930dff8.tar.gz
exchange-cdc8c5b57bb5992b7afe5c9f36e5e286a930dff8.tar.bz2
exchange-cdc8c5b57bb5992b7afe5c9f36e5e286a930dff8.zip
limit redirects
Diffstat (limited to 'src/lib/exchange_api_curl_defaults.c')
-rw-r--r--src/lib/exchange_api_curl_defaults.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/lib/exchange_api_curl_defaults.c b/src/lib/exchange_api_curl_defaults.c
index d1e84f956..26c1ac7df 100644
--- a/src/lib/exchange_api_curl_defaults.c
+++ b/src/lib/exchange_api_curl_defaults.c
@@ -30,7 +30,7 @@
* @param url URL to query
*/
CURL *
-TEL_curl_easy_get (const char *url)
+TALER_EXCHANGE_curl_easy_get_ (const char *url)
{
CURL *eh;
@@ -43,6 +43,12 @@ TEL_curl_easy_get (const char *url)
curl_easy_setopt (eh,
CURLOPT_FOLLOWLOCATION,
1L));
+ /* limit MAXREDIRS to 5 as a simple security measure against
+ a potential infinite loop caused by a malicious target */
+ GNUNET_assert (CURLE_OK ==
+ curl_easy_setopt (eh,
+ CURLOPT_MAXREDIRS,
+ 5L));
GNUNET_assert (CURLE_OK ==
curl_easy_setopt (eh,
CURLOPT_TCP_FASTOPEN,
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-19 08:11:56 +0000