From ae09e5bf0d1f868f7094be8f640ec46d66e668bf Mon Sep 17 00:00:00 2001
From: Daniel Stenberg
Date: Tue, 17 Mar 2026 13:55:21 +0100
Subject: [PATCH] curl_get_line: error out on read errors

Missing ferror handling in Curl_get_line causes infinite loops on I/O errors, leading to denial-of-service hangs for config/cache file loads.
Follow-up to 769ccb4d4261a75c8a4
Pointed out by Codex Security
Closes #20958
---
 lib/curl_get_line.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/curl_get_line.c b/lib/curl_get_line.c
index 85b3525be7..6fcd043c93 100644
--- a/lib/curl_get_line.c
+++ b/lib/curl_get_line.c
@@ -40,6 +40,8 @@ CURLcode Curl_get_line(struct dynbuf *buf, FILE *input, bool *eof)
 while(1) {
 size_t rlen;
 const char *b = fgets(buffer, sizeof(buffer), input);
+ if(!b && ferror(input))
+ return CURLE_READ_ERROR;
 *eof = feof(input);
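Review bot: The new early return inside the `while(1)` loop leaves `*eof` unwritten, because the `ferror()` check sits above `*eof = feof(input);`. The callers are not visible in this hunk, so whether any of them reads `*eof` before checking the result code needs confirming, but an out-parameter that is assigned on only some paths is easy to misuse. Moving the two added lines below the assignment keeps the fix for the hang and gives `*eof` a defined value on every return: `*eof = feof(input);` followed by `if(!b && ferror(input)) return CURLE_READ_ERROR;`. The body of Curl_get_line starts and continues outside the hunk; its header comment should also state that `CURLE_READ_ERROR` is now a possible result and that the contents of `buf` must not be used when it is returned.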