File curl-CVE-2022-43552.patch of Package curl.30929

Overview Repositories Revisions Requests Users Attributes Meta

File curl-CVE-2022-43552.patch of Package curl.30929

From f3b4c5edf97c157a8ad3727827d1ac94062cfff8 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 7 Nov 2022 17:09:48 +0100
Subject: [PATCH] smb/telnet: do not free the protocol struct in *_done()

It is managed by the generic layer.
---
 lib/smb.c    | 14 ++------------
 lib/telnet.c |  3 ---
 2 files changed, 2 insertions(+), 15 deletions(-)

Index: curl-7.60.0/lib/smb.c
===================================================================
--- curl-7.60.0.orig/lib/smb.c
+++ curl-7.60.0/lib/smb.c
@@ -60,8 +60,6 @@ static CURLcode smb_setup_connection(str
 static CURLcode smb_connect(struct connectdata *conn, bool *done);
 static CURLcode smb_connection_state(struct connectdata *conn, bool *done);
 static CURLcode smb_request_state(struct connectdata *conn, bool *done);
-static CURLcode smb_done(struct connectdata *conn, CURLcode status,
-                         bool premature);
 static CURLcode smb_disconnect(struct connectdata *conn, bool dead);
 static int smb_getsock(struct connectdata *conn, curl_socket_t *socks,
                        int numsocks);
@@ -74,7 +72,7 @@ const struct Curl_handler Curl_handler_s
   "SMB",                                /* scheme */
   smb_setup_connection,                 /* setup_connection */
   ZERO_NULL,                            /* do_it */
-  smb_done,                             /* done */
+  ZERO_NULL,                            /* done */
   ZERO_NULL,                            /* do_more */
   smb_connect,                          /* connect_it */
   smb_connection_state,                 /* connecting */
@@ -99,7 +97,7 @@ const struct Curl_handler Curl_handler_s
   "SMBS",                               /* scheme */
   smb_setup_connection,                 /* setup_connection */
   ZERO_NULL,                            /* do_it */
-  smb_done,                             /* done */
+  ZERO_NULL,                            /* done */
   ZERO_NULL,                            /* do_more */
   smb_connect,                          /* connect_it */
   smb_connection_state,                 /* connecting */
@@ -907,19 +905,6 @@ static CURLcode smb_request_state(struct
   return CURLE_OK;
 }
 
-static CURLcode smb_done(struct connectdata *conn, CURLcode status,
-                         bool premature)
-{
-  struct smb_request *req = conn->data->req.protop;
-
-  (void) premature;
-
-  Curl_safefree(req->share);
-  Curl_safefree(conn->data->req.protop);
-
-  return status;
-}
-
 static CURLcode smb_disconnect(struct connectdata *conn, bool dead)
 {
   struct smb_conn *smbc = &conn->proto.smbc;
Index: curl-7.60.0/lib/telnet.c
===================================================================
--- curl-7.60.0.orig/lib/telnet.c
+++ curl-7.60.0/lib/telnet.c
@@ -1298,8 +1298,6 @@ static CURLcode telnet_done(struct conne
   curl_slist_free_all(tn->telnet_vars);
   tn->telnet_vars = NULL;
 
-  Curl_safefree(conn->data->req.protop);
-
   return CURLE_OK;
 }

Places

File curl-CVE-2022-43552.patch of Package curl.30929

Places