schannel: cap the maximum allowed size for loading cert

To avoid problems with mistakes or abuse, cap the largest allowed
certificate size to load to CURL_MAX_INPUT_LENGTH bytes (8MB).

Closes #19964
Daniel Stenberg 2025-12-14 00:13:27 +01:00
parent f0d277cb0e
commit 1c8c34c88e


@ -588,7 +588,7 @@ static CURLcode schannel_acquire_credential_handle(struct Curl_cfilter *cf,
certsize = (size_t)cert_tell;
if(continue_reading)
continue_reading = fseek(fInCert, 0, SEEK_SET) == 0;
if(continue_reading)
if(continue_reading && (certsize < CURL_MAX_INPUT_LENGTH))
certdata = curlx_malloc(certsize + 1);
if((!certdata) ||
((int) fread(certdata, certsize, 1, fInCert) != 1))
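Review bot: An over-limit certificate is rejected only implicitly by the new `if(continue_reading && (certsize < CURL_MAX_INPUT_LENGTH))` condition. `certdata` is simply never allocated, and the following `if((!certdata) || ...)` check handles that like an allocation or read failure, which relies on `certdata` being NULL-initialized outside this hunk. A user whose file exceeds the cap will presumably see the same generic error as for an unreadable file. Clearing `continue_reading` with a dedicated message before the allocation, for example `failf(data, "schannel: client cert file too large")` (assuming `data` is in scope here), would make the rejection diagnosable. Also, `<` rejects a file of exactly CURL_MAX_INPUT_LENGTH bytes, which is slightly stricter than the commit message's wording; the function body starts and ends outside the hunk.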