| From 43157490a5054bd24256fe12876931e8abc9df49 Mon Sep 17 00:00:00 2001 |
| From: z2_ on hackerone <> |
| Date: Tue, 24 Aug 2021 09:50:33 +0200 |
| Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds |
| |
| CVE-2021-22945 |
| |
| Bug: https://curl.se/docs/CVE-2021-22945.html |
| --- |
| lib/mqtt.c | 4 ++++ |
| 1 file changed, 4 insertions(+) |
| |
| diff --git a/lib/mqtt.c b/lib/mqtt.c |
| index f077e6c3d..fcd40b41e 100644 |
| --- a/lib/mqtt.c |
| +++ b/lib/mqtt.c |
| @@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data, |
| mq->sendleftovers = sendleftovers; |
| mq->nsend = nsend; |
| } |
| + else { |
| + mq->sendleftovers = NULL; |
| + mq->nsend = 0; |
| + } |
| return result; |
| } |
| |
| -- |
| 2.33.0.1079.g6e70778dc9-goog |
| |