lynx/trunk/CVE-2021-38165.diff

   1 --- a/WWW/Library/Implementation/HTTP.c
   2 +++ b/WWW/Library/Implementation/HTTP.c
   3 @@ -764,6 +764,23 @@ static char *StripIpv6Brackets(char *host)
   4  }
   5  #endif
   6
   7 +/*
   8 + * Remove user/password, if any, from the given host-string.
   9 + */
  10 +#ifdef USE_SSL
  11 +static char *StripUserAuthents(char *host)
  12 +{
  13 +    char *p = strchr(host, '@');
  14 +
  15 +    if (p != NULL) {
  16 +       char *q = host;
  17 +
  18 +       while ((*q++ = *++p) != '\0') ;
  19 +    }
  20 +    return host;
  21 +}
  22 +#endif
  23 +
  24  /*             Load Document from HTTP Server                  HTLoadHTTP()
  25   *             ==============================
  26   *
  27 @@ -959,6 +976,7 @@ static int HTLoadHTTP(const char *arg,
  28         /* get host we're connecting to */
  29         ssl_host = HTParse(url, "", PARSE_HOST);
  30         ssl_host = StripIpv6Brackets(ssl_host);
  31 +       ssl_host = StripUserAuthents(ssl_host);
  32  #if defined(USE_GNUTLS_FUNCS)
  33         ret = gnutls_server_name_set(handle->gnutls_state,
  34                                      GNUTLS_NAME_DNS,