curl: only accept COLUMNS less than 10000
... as larger values would rather indicate something silly (and could
potentially cause buffer problems).
Reported-by: pendrek at hackerone
Closes #4114
diff --git a/src/tool_cb_prg.c b/src/tool_cb_prg.c
index 05fe0e6..a18827c 100644
--- a/src/tool_cb_prg.c
+++ b/src/tool_cb_prg.c
@@ -210,7 +210,8 @@
if(colp) {
char *endptr;
long num = strtol(colp, &endptr, 10);
- if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20))
+ if((endptr != colp) && (endptr == colp + strlen(colp)) && (num > 20) &&
+ (num < 10000))
bar->width = (int)num;
curl_free(colp);
}