package/network/utils/curl/patches/101-CVE-2020-8169.patch

   1 From 600a8cded447cd7118ed50142c576567c0cf5158 Mon Sep 17 00:00:00 2001
   2 From: Daniel Stenberg <daniel@haxx.se>
   3 Date: Thu, 14 May 2020 14:37:12 +0200
   4 Subject: [PATCH] url: make the updated credentials URL-encoded in the URL
   5
   6 Found-by: Gregory Jefferis
   7 Reported-by: Jeroen Ooms
   8 Added test 1168 to verify. Bug spotted when doing a redirect.
   9 Bug: https://github.com/jeroen/curl/issues/224
  10 Closes #5400
  11 ---
  12  lib/url.c               |  6 ++--
  13  tests/data/Makefile.inc |  1 +
  14  tests/data/test1168     | 78 +++++++++++++++++++++++++++++++++++++++++
  15  3 files changed, 83 insertions(+), 2 deletions(-)
  16  create mode 100644 tests/data/test1168
  17
  18 diff --git a/lib/url.c b/lib/url.c
  19 index f250f2ff20a..9b8b2bdde64 100644
  20 --- a/lib/url.c
  21 +++ b/lib/url.c
  22 @@ -2788,12 +2788,14 @@ static CURLcode override_login(struct Curl_easy *data,
  23
  24    /* for updated strings, we update them in the URL */
  25    if(user_changed) {
  26 -    uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp, 0);
  27 +    uc = curl_url_set(data->state.uh, CURLUPART_USER, *userp,
  28 +                      CURLU_URLENCODE);
  29      if(uc)
  30        return Curl_uc_to_curlcode(uc);
  31    }
  32    if(passwd_changed) {
  33 -    uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp, 0);
  34 +    uc = curl_url_set(data->state.uh, CURLUPART_PASSWORD, *passwdp,
  35 +                      CURLU_URLENCODE);
  36      if(uc)
  37        return Curl_uc_to_curlcode(uc);
  38    }