Description
Contact me:
CVEs and affected files:
CVE-2018-1000120 in the file /external/curl/ftp.c
CVE-2018-1000122 in the file /external/curl/transfer.c
CVE-2018-1000301 in the file /external/curl/http.c
References:
NVD descriptions:
https://nvd.nist.gov/vuln/detail/CVE-2018-1000120
https://nvd.nist.gov/vuln/detail/CVE-2018-1000122
https://nvd.nist.gov/vuln/detail/CVE-2018-1000301
GitHub Security Advisories:
Advisory for CVE-2018-1000120
Advisory for CVE-2018-1000122
Advisory for CVE-2018-1000301
GitHub commits:
Commit for CVE-2018-1000120
Commit for CVE-2018-1000122
Commit for CVE-2018-1000301
Patch suggestions:
CVE-2018-1000120 & CVE-2018-1000122:
Since it seems that the two reused files are from the older version of curl, it is recommended to update the two files to the latest version or just apply the above commits for CVE-2018-1000120 & CVE-2018-1000122.
CVE-2018-1000301:
Since it seems that this file /external/curl/http.c is reused with a lot of modifications for customized features, we suggest applying the following patch:
- After the code

      struct SingleRequest *k = &data->req;

  at line 2963, insert the following two lines:

      ssize_t onread = *nread;
      char *ostr = k->str;

- Replace the code

      *nread = (ssize_t)rest_length;

  at line 3028 with the following three lines:

      *nread = onread;
      k->str = ostr;
      return CURLE_OK;
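The following simplified model shows why the replacement restores the cursor and the length together. It is an added example, not curl's code and not part of the original report. `struct req`, `parse_first_line`, `overshoot` and the `fixed` flag are hypothetical names, and the parsing logic is an assumed reduction of a header parser that advances `k->str` while decrementing `*nread`.

```c
#include <stddef.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical stand-in for curl's SingleRequest: only the read cursor. */
struct req { char *str; };

/* Simplified model (not curl's code): consume the first line at r->str.
 * If it is not a protocol status line and nothing follows it, hand the
 * data back to the caller as body. `fixed` selects the patched bail-out.
 * Returns 1 if a status line was consumed, 0 otherwise. */
static int parse_first_line(struct req *r, ssize_t *nread, int fixed)
{
  ssize_t onread = *nread;   /* saved on entry, as in the patch */
  char *ostr = r->str;       /* saved on entry, as in the patch */
  char *end = memchr(r->str, '\n', (size_t)*nread);
  ssize_t rest_length;

  if(!end)
    return 0;                /* incomplete line: nothing consumed */

  rest_length = (end - r->str) + 1;
  *nread -= rest_length;     /* bytes left after the line */
  r->str = end + 1;          /* cursor moves past the newline */

  if(rest_length >= 5 && !memcmp(ostr, "HTTP/", 5))
    return 1;                /* valid first line, stay advanced */

  if(*nread == 0) {          /* the bad line was all we read */
    if(fixed) {
      *nread = onread;       /* restore the length ... */
      r->str = ostr;         /* ... and the cursor together */
    }
    else
      *nread = rest_length;  /* length reset, cursor left advanced */
  }
  return 0;
}

/* Bytes by which [r->str, r->str + nread) overshoots the received data. */
static ssize_t overshoot(const char *buf, ssize_t received, int fixed)
{
  struct req r;
  ssize_t nread = received;
  r.str = (char *)buf;
  parse_first_line(&r, &nread, fixed);
  return (r.str - buf) + nread - received;
}
```

A non-zero result from `overshoot` means the range the caller would go on to read extends past the bytes actually received; with the restore in place it is zero for the same input.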