1From eef2b165c39245857b1663e9153e7c4b4b519a4c Mon Sep 17 00:00:00 2001 2From: Daniel Stenberg <daniel@haxx.se> 3Date: Mon, 25 Apr 2022 11:48:00 +0200 4Subject: [PATCH] conncache: include the zone id in the "bundle" hashkey 5 6Make connections to two separate IPv6 zone ids create separate 7connections. 8 9Reported-by: Harry Sintonen 10Bug: https://curl.se/docs/CVE-2022-27775.html 11Closes #8747 12 13Upstream-Status: Backport [https://github.com/curl/curl/commit/058f98dc3fe595f21dc26a5b9b1699e519ba5705] 14Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> 15--- 16 lib/conncache.c | 8 ++++++-- 17 1 file changed, 6 insertions(+), 2 deletions(-) 18 19diff --git a/lib/conncache.c b/lib/conncache.c 20index cd5756a..9b9f683 100644 21--- a/lib/conncache.c 22+++ b/lib/conncache.c 23@@ -155,8 +155,12 @@ static void hashkey(struct connectdata *conn, char *buf, 24 /* report back which name we used */ 25 *hostp = hostname; 26 27- /* put the number first so that the hostname gets cut off if too long */ 28- msnprintf(buf, len, "%ld%s", port, hostname); 29+ /* put the numbers first so that the hostname gets cut off if too long */ 30+#ifdef ENABLE_IPV6 31+ msnprintf(buf, len, "%u/%ld/%s", conn->scope_id, port, hostname); 32+#else 33+ msnprintf(buf, len, "%ld/%s", port, hostname); 34+#endif 35 Curl_strntolower(buf, buf, len); 36 } 37 38