summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2019-05-03 22:20:37 +0200
committerDaniel Stenberg <daniel@haxx.se>2019-05-20 07:57:49 +0200
commit2576003415625d7b5f0e390902f8097830b82275 (patch)
tree614ed897adeaecc83717b1115f9ca0b236c7ae4b
parent9a87fe704e3b9c5f54ac728f35622f03b555cb21 (diff)
downloadgnurl-2576003415625d7b5f0e390902f8097830b82275.tar.gz
gnurl-2576003415625d7b5f0e390902f8097830b82275.tar.bz2
gnurl-2576003415625d7b5f0e390902f8097830b82275.zip
tftp: use the current blksize for recvfrom()
bug: https://curl.haxx.se/docs/CVE-2019-5436.html Reported-by: l00p3r on hackerone CVE-2019-5436
Diffstat
-rw-r--r--lib/tftp.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/tftp.c b/lib/tftp.c
index 8b92b7bd6..289cda282 100644
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -1009,7 +1009,7 @@ static CURLcode tftp_connect(struct connectdata *conn, bool *done)
state->sockfd = state->conn->sock[FIRSTSOCKET];
state->state = TFTP_STATE_START;
state->error = TFTP_ERR_NONE;
- state->blksize = TFTP_BLKSIZE_DEFAULT;
+ state->blksize = blksize;
state->requested_blksize = blksize;
((struct sockaddr *)&state->local_addr)->sa_family =
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 16:48:48 +0000