summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJinWang An <jinwang.an@samsung.com>2021-02-17 17:09:21 +0900
committerJinWang An <jinwang.an@samsung.com>2021-02-17 17:09:21 +0900
commit2bbfb5bd8e6be73480018b4ac92befb4736c5bba (patch)
treef5c58783ae4b9a1d01de5f4dfaa8f30062ae4fc3
parent28d122ff237b30cbe94432469db21fe24859f4a9 (diff)
downloadcmake-accepted/tizen/base/tool/20210221.221015.tar.gz
cmake-accepted/tizen/base/tool/20210221.221015.tar.bz2
cmake-accepted/tizen/base/tool/20210221.221015.zip
[CVE-2020-8284] CURLOPT_FTP_SKIP_PASV_IP by defaultsubmit/tizen_base/20210218.080159accepted/tizen/base/tool/20210221.221015
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. Change-Id: Ifb923106339f8d3e64ec171ef22ebab3ac3c6d8d Signed-off-by: JinWang An <jinwang.an@samsung.com>
-rw-r--r--Utilities/cmcurl/curltest.c1
-rw-r--r--Utilities/cmcurl/lib/url.c1
2 files changed, 2 insertions, 0 deletions
diff --git a/Utilities/cmcurl/curltest.c b/Utilities/cmcurl/curltest.c
index f80e758a0..36c7d1728 100644
--- a/Utilities/cmcurl/curltest.c
+++ b/Utilities/cmcurl/curltest.c
@@ -37,6 +37,7 @@ int test_curl(const char* url)
}
curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
+ curl_easy_setopt(curl, CURLOPT_FTP_SKIP_PASV_IP, 1L);
curl_easy_setopt(curl, CURLOPT_HEADER, 1);
if (proxy_type > 0) {
diff --git a/Utilities/cmcurl/lib/url.c b/Utilities/cmcurl/lib/url.c
index c441ae716..b39a3ee22 100644
--- a/Utilities/cmcurl/lib/url.c
+++ b/Utilities/cmcurl/lib/url.c
@@ -444,6 +444,7 @@ CURLcode Curl_init_userdefined(struct Curl_easy *data)
set->ftp_use_eprt = TRUE; /* FTP defaults to EPRT operations */
set->ftp_use_pret = FALSE; /* mainly useful for drftpd servers */
set->ftp_filemethod = FTPFILE_MULTICWD;
+ set->ftp_skip_ip = TRUE; /* skip PASV IP by default */
#endif
set->dns_cache_timeout = 60; /* Timeout every 60 seconds by default */