romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 21:31:42 +03:00
Code Issues Projects Releases Packages Wiki Activity

http2: clear the h2 session at delete

Browse source 
When calling nghttp2 to delete session, clear the pointer to avoid risk
of UAF.

Pointed out by Codex Security

Closes #20975
This commit is contained in:
Daniel Stenberg 2026-03-18 10:12:46 +01:00
parent 02e04eaee7
commit a43ea5943b
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
lib/http2.c
View file

@ -203,6 +203,7 @@ static void cf_h2_ctx_close(struct cf_h2_ctx *ctx)
{
if(ctx->h2) {
nghttp2_session_del(ctx->h2);
ctx->h2 = NULL;
}
}