35 lines
1.1 KiB
Diff
35 lines
1.1 KiB
Diff
From 93b8ffb630b62fedaef04a0d7674a89fe367bb22 Mon Sep 17 00:00:00 2001
|
|
From: Daniel Stenberg <daniel@haxx.se>
|
|
Date: Sun, 31 Jul 2016 01:09:04 +0200
|
|
Subject: [PATCH] curl_multi_cleanup: clear connection pointer for easy handles
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
CVE-2016-5421
|
|
Bug: https://curl.haxx.se/docs/adv_20160803C.html
|
|
Reported-by: Marcelo Echeverria and Fernando Muñoz
|
|
|
|
Upstream-commit: 75dc096e01ef1e21b6c57690d99371dedb2c0b80
|
|
Signed-off-by: Kamil Dudka <kdudka@redhat.com>
|
|
---
|
|
lib/multi.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/lib/multi.c b/lib/multi.c
|
|
index 069412d..89ea625 100644
|
|
--- a/lib/multi.c
|
|
+++ b/lib/multi.c
|
|
@@ -1869,6 +1869,8 @@ static void close_all_connections(struct Curl_multi *multi)
|
|
conn->data = multi->closure_handle;
|
|
|
|
sigpipe_ignore(conn->data, &pipe_st);
|
|
+ conn->data->easy_conn = NULL; /* clear the easy handle's connection
|
|
+ pointer */
|
|
/* This will remove the connection from the cache */
|
|
(void)Curl_disconnect(conn, FALSE);
|
|
sigpipe_restore(&pipe_st);
|
|
--
|
|
2.5.5
|
|
|