From 4431ed2484f0e66096642ee76a2bbeedec5bde79 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 13 Jan 2020 12:30:37 +0100
Subject: [PATCH] curl: make #0 not output the full URL

It was not intended nor documented!

Added test 1176 to verify.

Reported-by: vshmuk on hackerone

Closes #4812
---
 src/tool_urlglob.c      |  4 +--
 tests/data/Makefile.inc |  2 +-
 tests/data/test1176     | 68 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 71 insertions(+), 3 deletions(-)
 create mode 100644 tests/data/test1176

diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
index 450cdcf32..6c8716104 100644
--- a/src/tool_urlglob.c
+++ b/src/tool_urlglob.c
@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -627,7 +627,7 @@ CURLcode glob_match_url(char **result, char *filename, URLGlob *glob)
       unsigned long num = strtoul(&filename[1], &filename, 10);
       URLPattern *pat = NULL;
 
-      if(num < glob->size) {
+      if(num && (num < glob->size)) {
         unsigned long i;
         num--; /* make it zero based */
         /* find the correct glob entry */
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index 978f8aa5b..51cc92062 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -133,7 +133,7 @@ test1144 test1145 test1146 test1147 test1148 test1149 test1150 test1151 \
 test1152 test1153 test1154 test1155 test1156 test1157 test1158 test1159 \
 test1160 test1161 test1162 test1163 test1164 test1165 test1166 test1167 \
 \
-test1170 test1171 test1172 test1173 test1174 test1175 \
+test1170 test1171 test1172 test1173 test1174 test1175 test1176 \
 \
 test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
 test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
diff --git a/tests/data/test1176 b/tests/data/test1176
new file mode 100644
index 000000000..491bee16f
--- /dev/null
+++ b/tests/data/test1176
@@ -0,0 +1,68 @@
+<testcase>
+<info>
+<keywords>
+globbing
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data nocheck="yes">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+-foo-
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP GET
+ </name>
+ <command option="no-output">
+http://%HOSTIP:%HTTPPORT/1176 -o 'log/base-#0'
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /1176 HTTP/1.1
+Host: %HOSTIP:%HTTPPORT
+Accept: */*
+
+</protocol>
+<file name="log/base-#0">
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
+ETag: "21025-dc7-39462498"
+Accept-Ranges: bytes
+Content-Length: 6
+Connection: close
+Content-Type: text/html
+Funny-head: yesyes
+
+-foo-
+</file>
+</verify>
+</testcase>