-
Notifications
You must be signed in to change notification settings - Fork 614
Expand file tree
/
Copy pathCVE-2025-4476.patch
More file actions
33 lines (28 loc) · 1.23 KB
/
CVE-2025-4476.patch
File metadata and controls
33 lines (28 loc) · 1.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
From e64c221f9c7d09b48b610c5626b3b8c400f0907c Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Thu, 8 May 2025 09:27:01 -0500
Subject: [PATCH] auth-digest: fix crash in
soup_auth_digest_get_protection_space()
We need to validate the Domain parameter in the WWW-Authenticate header.
Unfortunately this crash only occurs when listening on default ports 80
and 443, so there's no good way to test for this. The test would require
running as root.
Fixes #440
---
libsoup/auth/soup-auth-digest.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsoup/auth/soup-auth-digest.c b/libsoup/auth/soup-auth-digest.c
index 1742903..d3a0ab3 100644
--- a/libsoup/auth/soup-auth-digest.c
+++ b/libsoup/auth/soup-auth-digest.c
@@ -235,7 +235,7 @@ soup_auth_digest_get_protection_space (SoupAuth *auth, GUri *source_uri)
if (uri &&
g_strcmp0 (g_uri_get_scheme (uri), g_uri_get_scheme (source_uri)) == 0 &&
g_uri_get_port (uri) == g_uri_get_port (source_uri) &&
- !strcmp (g_uri_get_host (uri), g_uri_get_host (source_uri)))
+ !g_strcmp0 (g_uri_get_host (uri), g_uri_get_host (source_uri)))
dir = g_strdup (g_uri_get_path (uri));
else
dir = NULL;
--
2.45.4