poky/meta/recipes-support/curl/curl/CVE-2023-28322-1.patch - openbmc/openbmc - Gitiles

 From efbf02111aa66bda9288506b7d5cc0226bf5453e Mon Sep 17 00:00:00 2001
 From: Daniel Stenberg <daniel@haxx.se>
 Date: Sun, 12 Feb 2023 13:24:08 +0100
 Subject: [PATCH] smb: return error on upload without size

 The protocol needs to know the size ahead of time, this is now a known
 restriction and not a bug.

 Also output a clearer error if the URL path does not contain proper
 share.

 Ref: #7896
 Closes #10484

 CVE: CVE-2023-28322
 Upstream-Status: Backport [https://github.com/curl/curl/commit/efbf02111aa66bda9288506b7d5cc0226bf5453e]
 Comments: Hunks refreshed
 Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
 ---
  docs/KNOWN_BUGS    | 5 -----
  docs/URL-SYNTAX.md | 3 +++
  lib/smb.c          | 6 ++++++
  3 files changed, 9 insertions(+), 5 deletions(-)

 diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
 index cbf5be352a279..a515e7a59bdfd 100644
 --- a/docs/KNOWN_BUGS
 +++ b/docs/KNOWN_BUGS
 @@ -58,7 +58,6 @@
   5.7 Visual Studio project gaps
   5.8 configure finding libs in wrong directory
   5.9 Utilize Requires.private directives in libcurl.pc
 - 5.10 curl hangs on SMB upload over stdin
   5.11 configure --with-gssapi with Heimdal is ignored on macOS
   5.12 flaky Windows CI builds

 @@ -332,10 +331,6 @@ problems may have been fixed or changed somewhat since this was written.

   https://github.com/curl/curl/issues/864

 -5.10 curl hangs on SMB upload over stdin
 -
 - See https://github.com/curl/curl/issues/7896
 -
  5.11 configure --with-gssapi with Heimdal is ignored on macOS

   ... unless you also pass --with-gssapi-libs
 diff --git a/docs/URL-SYNTAX.md b/docs/URL-SYNTAX.md
 index 691fcceacd66c..802bbdef96979 100644
 --- a/docs/URL-SYNTAX.md
 +++ b/docs/URL-SYNTAX.md
 @@ -360,6 +360,9 @@ share and directory or the share to upload to and as such, may not be omitted.
  If the user name is embedded in the URL then it must contain the domain name
  and as such, the backslash must be URL encoded as %2f.

 +When uploading to SMB, the size of the file needs to be known ahead of time,
 +meaning that you can upload a file passed to curl over a pipe like stdin.
 +
  curl supports SMB version 1 (only)

  ## SMTP
 diff --git a/lib/smb.c b/lib/smb.c
 index 8a76763c157ce..dc0abe784bcee 100644
 --- a/lib/smb.c
 +++ b/lib/smb.c
 @@ -763,6 +763,11 @@ static CURLcode smb_request_state(struct Curl_easy *data, bool *done)
    void *msg = NULL;
    const struct smb_nt_create_response *smb_m;

 +  if(data->set.upload && (data->state.infilesize < 0)) {
 +    failf(data, "SMB upload needs to know the size up front");
 +    return CURLE_SEND_ERROR;
 +  }
 +
    /* Start the request */
    if(req->state == SMB_REQUESTING) {
      result = smb_send_tree_connect(data);
 @@ -993,6 +998,7 @@ static CURLcode smb_parse_url_path(struct Curl_easy *data,
    /* The share must be present */
    if(!slash) {
      Curl_safefree(smbc->share);
 +    failf(data, "missing share in URL path for SMB");
      return CURLE_URL_MALFORMAT;
    }
	From efbf02111aa66bda9288506b7d5cc0226bf5453e Mon Sep 17 00:00:00 2001
	From: Daniel Stenberg <daniel@haxx.se>
	Date: Sun, 12 Feb 2023 13:24:08 +0100
	Subject: [PATCH] smb: return error on upload without size

	The protocol needs to know the size ahead of time, this is now a known
	restriction and not a bug.

	Also output a clearer error if the URL path does not contain proper
	share.

	Ref: #7896
	Closes #10484

	CVE: CVE-2023-28322
	Upstream-Status: Backport [https://github.com/curl/curl/commit/efbf02111aa66bda9288506b7d5cc0226bf5453e]
	Comments: Hunks refreshed
	Signed-off-by: Bhabu Bindu <bhabu.bindu@kpit.com>
	---
	docs/KNOWN_BUGS \| 5 -----
	docs/URL-SYNTAX.md \| 3 +++
	lib/smb.c \| 6 ++++++
	3 files changed, 9 insertions(+), 5 deletions(-)

	diff --git a/docs/KNOWN_BUGS b/docs/KNOWN_BUGS
	index cbf5be352a279..a515e7a59bdfd 100644
	--- a/docs/KNOWN_BUGS
	+++ b/docs/KNOWN_BUGS
	@@ -58,7 +58,6 @@
	5.7 Visual Studio project gaps
	5.8 configure finding libs in wrong directory
	5.9 Utilize Requires.private directives in libcurl.pc
	- 5.10 curl hangs on SMB upload over stdin
	5.11 configure --with-gssapi with Heimdal is ignored on macOS
	5.12 flaky Windows CI builds

	@@ -332,10 +331,6 @@ problems may have been fixed or changed somewhat since this was written.

	https://github.com/curl/curl/issues/864

	-5.10 curl hangs on SMB upload over stdin
	-
	- See https://github.com/curl/curl/issues/7896
	-
	5.11 configure --with-gssapi with Heimdal is ignored on macOS

	... unless you also pass --with-gssapi-libs
	diff --git a/docs/URL-SYNTAX.md b/docs/URL-SYNTAX.md
	index 691fcceacd66c..802bbdef96979 100644
	--- a/docs/URL-SYNTAX.md
	+++ b/docs/URL-SYNTAX.md
	@@ -360,6 +360,9 @@ share and directory or the share to upload to and as such, may not be omitted.
	If the user name is embedded in the URL then it must contain the domain name
	and as such, the backslash must be URL encoded as %2f.

	+When uploading to SMB, the size of the file needs to be known ahead of time,
	+meaning that you can upload a file passed to curl over a pipe like stdin.
	+
	curl supports SMB version 1 (only)

	## SMTP
	diff --git a/lib/smb.c b/lib/smb.c
	index 8a76763c157ce..dc0abe784bcee 100644
	--- a/lib/smb.c
	+++ b/lib/smb.c
	@@ -763,6 +763,11 @@ static CURLcode smb_request_state(struct Curl_easy data, bool done)
	void *msg = NULL;
	const struct smb_nt_create_response *smb_m;

	+ if(data->set.upload && (data->state.infilesize < 0)) {
	+ failf(data, "SMB upload needs to know the size up front");
	+ return CURLE_SEND_ERROR;
	+ }
	+
	/* Start the request */
	if(req->state == SMB_REQUESTING) {
	result = smb_send_tree_connect(data);
	@@ -993,6 +998,7 @@ static CURLcode smb_parse_url_path(struct Curl_easy *data,
	/* The share must be present */
	if(!slash) {
	Curl_safefree(smbc->share);
	+ failf(data, "missing share in URL path for SMB");
	return CURLE_URL_MALFORMAT;
	}