diff options
author | Mark Wielaard <mark@klomp.org> | 2021-10-15 15:16:54 +0200 |
---|---|---|
committer | Mark Wielaard <mark@klomp.org> | 2021-10-15 15:23:22 +0200 |
commit | aa0765aa93ce3e74283498a310333c9bff2223db (patch) | |
tree | ac926979b392cccd13898a4bb65cb8e9fa82dbe6 | |
parent | a83fe488a7b422fc8260bdb35526d39a195c624a (diff) | |
download | elfutils-aa0765aa93ce3e74283498a310333c9bff2223db.tar.gz |
debuginfod-client: Stick to http:// + https:// + file:// protocols
Make sure we don't use any of the more experimental protocols
libcurl might support. URLs can be redirected and we might want
to follow http -> https, but not e.g. gopher or pop3.
Suggested-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Mark Wielaard <mark@klomp.org>
-rw-r--r-- | debuginfod/ChangeLog | 5 | ||||
-rw-r--r-- | debuginfod/debuginfod-client.c | 4 |
2 files changed, 9 insertions, 0 deletions
diff --git a/debuginfod/ChangeLog b/debuginfod/ChangeLog index de833f7f..a91749e7 100644 --- a/debuginfod/ChangeLog +++ b/debuginfod/ChangeLog @@ -1,3 +1,8 @@ +2021-10-15 Mark Wielaard <mark@klomp.org> + + * debuginfod-client.c (debuginfod_query_server): Set + CURLOPT_PROTOCOLS. + 2021-10-06 Di Chen <dichen@redhat.com> PR28242 diff --git a/debuginfod/debuginfod-client.c b/debuginfod/debuginfod-client.c index 88e45567..bd947ae4 100644 --- a/debuginfod/debuginfod-client.c +++ b/debuginfod/debuginfod-client.c @@ -973,6 +973,10 @@ debuginfod_query_server (debuginfod_client *c, if (vfd >= 0) dprintf (vfd, "url %d %s\n", i, data[i].url); + /* Only allow http:// + https:// + file:// so we aren't being + redirected to some unsupported protocol. */ + curl_easy_setopt(data[i].handle, CURLOPT_PROTOCOLS, + CURLPROTO_HTTP | CURLPROTO_HTTPS | CURLPROTO_FILE); curl_easy_setopt(data[i].handle, CURLOPT_URL, data[i].url); if (vfd >= 0) curl_easy_setopt(data[i].handle, CURLOPT_ERRORBUFFER, data[i].errbuf); |