net-misc/curl/files/curl-mqtt-clear-leftover-pointer-on-send-success.patch - third_party/overlays/portage-stable - Git at Google

 From 43157490a5054bd24256fe12876931e8abc9df49 Mon Sep 17 00:00:00 2001
 From: z2_ on hackerone <>
 Date: Tue, 24 Aug 2021 09:50:33 +0200
 Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds

 CVE-2021-22945

 Bug: https://curl.se/docs/CVE-2021-22945.html
 ---
  lib/mqtt.c | 4 ++++
  1 file changed, 4 insertions(+)

 diff --git a/lib/mqtt.c b/lib/mqtt.c
 index f077e6c3d..fcd40b41e 100644
 --- a/lib/mqtt.c
 +++ b/lib/mqtt.c
 @@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data,
      mq->sendleftovers = sendleftovers;
      mq->nsend = nsend;
    }
 +  else {
 +    mq->sendleftovers = NULL;
 +    mq->nsend = 0;
 +  }
    return result;
  }

 --
 2.33.0.1079.g6e70778dc9-goog
	From 43157490a5054bd24256fe12876931e8abc9df49 Mon Sep 17 00:00:00 2001
	From: z2_ on hackerone <>
	Date: Tue, 24 Aug 2021 09:50:33 +0200
	Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds

	CVE-2021-22945

	Bug: https://curl.se/docs/CVE-2021-22945.html
	---
	lib/mqtt.c \| 4 ++++
	1 file changed, 4 insertions(+)

	diff --git a/lib/mqtt.c b/lib/mqtt.c
	index f077e6c3d..fcd40b41e 100644
	--- a/lib/mqtt.c
	+++ b/lib/mqtt.c
	@@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data,
	mq->sendleftovers = sendleftovers;
	mq->nsend = nsend;
	}
	+ else {
	+ mq->sendleftovers = NULL;
	+ mq->nsend = 0;
	+ }
	return result;
	}

	--
	2.33.0.1079.g6e70778dc9-goog