CVE-2022-35260 Information
Description
curl can be told to parse a .netrc file for credentials. If that file ends in a line with 4095 consecutive non-white space letters and no newline, curl would first read past the end of the stack-based buffer and, if the read works, write a zero byte beyond its boundary. This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes. If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.
Reference
https://hackerone.com/reports/1721098
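An application that accepts a netrc file from an untrusted source can screen it for the trigger condition described above before handing the path to curl. The following check is an added example, not code from curl or from the advisory; the function names are hypothetical, and it conservatively flags any unterminated final line containing a run of at least 4095 non-whitespace bytes.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>

/* Threshold from the advisory text: 4095 consecutive non-whitespace bytes. */
#define NETRC_RUN_LIMIT 4095

/* 1 if the data ends in a line with no terminating newline that contains a
 * run of NETRC_RUN_LIMIT or more non-whitespace bytes, otherwise 0. */
int netrc_tail_is_risky(const unsigned char *data, size_t len)
{
  size_t start = len, i, run = 0, longest = 0;
  if(len == 0 || data[len - 1] == '\n')
    return 0;                      /* empty, or last line is terminated */
  while(start > 0 && data[start - 1] != '\n')
    start--;                       /* back up to the start of the last line */
  for(i = start; i < len; i++) {
    if(isspace(data[i]))
      run = 0;
    else if(++run > longest)
      longest = run;
  }
  return longest >= NETRC_RUN_LIMIT;
}

/* Hypothetical wrapper for a file on disk: -1 on I/O error, else as above. */
int netrc_file_is_risky(const char *path)
{
  FILE *f = fopen(path, "rb");
  unsigned char *buf = NULL;
  long size = 0;
  int rc = -1;
  if(!f) return -1;
  if(!fseek(f, 0, SEEK_END) && (size = ftell(f)) >= 0 && !fseek(f, 0, SEEK_SET)) {
    buf = malloc((size_t)size + 1);
    if(buf && fread(buf, 1, (size_t)size, f) == (size_t)size)
      rc = netrc_tail_is_risky(buf, (size_t)size);
  }
  free(buf);
  fclose(f);
  return rc;
}

int main(int argc, char **argv)
{
  int rc = argc > 1 ? netrc_file_is_risky(argv[1]) : -1;
  printf("%s\n", rc == 1 ? "reject" : rc == 0 ? "ok" : "error");
  return rc != 0;
}
```

The program exits non-zero for a flagged or unreadable file, so it can gate an upload or a configuration step.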