26 lines
584 B
Diff
26 lines
584 B
Diff
From 19483938de0dd2356c6f9a0092b8917aa238df77 Mon Sep 17 00:00:00 2001
|
|
From: z2_ on hackerone <>
|
|
Date: Tue, 24 Aug 2021 09:50:33 +0200
|
|
Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds
|
|
|
|
CVE-2021-22945
|
|
|
|
Bug: https://curl.se/docs/CVE-2021-22945.html
|
|
---
|
|
lib/mqtt.c | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
--- a/lib/mqtt.c
|
|
+++ b/lib/mqtt.c
|
|
@@ -124,6 +124,10 @@ static CURLcode mqtt_send(struct connect
|
|
mq->sendleftovers = sendleftovers;
|
|
mq->nsend = nsend;
|
|
}
|
|
+ else {
|
|
+ mq->sendleftovers = NULL;
|
|
+ mq->nsend = 0;
|
|
+ }
|
|
return result;
|
|
}
|
|
|