
Security implications of CURLOPT_UPLOAD + CURLOPT_FOLLOWLOCATION

From: Blake Burkhart via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 28 Apr 2020 21:58:12 -0500

What are the security implications of enabling redirects during uploads?
The security considerations page[1] says “When uploading, a redirect can
cause a local (or remote) file to be overwritten.” and mentions
CURLOPT_FOLLOWLOCATION, but as of Curl 7.19.4 it is no longer possible to
HTTP redirect to local files with the FILE protocol. Is the impact limited
to overwriting an unexpected remote URL (on any allowed protocol)? Or if a
URL is user specified, overwriting a local file?

I was doing some security research and found a small number of open source
projects that enable both CURLOPT_UPLOAD and CURLOPT_FOLLOWLOCATION, and
was trying to assess the impact.

[1] https://curl.haxx.se/libcurl/security.html#Uploads

--
Blake

Received on 2020-04-29