fix CVE-2023-23914, CVE-2023-23915, CVE-2023-23916

Signed-off-by: Nzhouhaifeng <kutcher.zhou@huawei.com>

lib/content_encoding.h

@@ -26,8 +26,8 @@
 struct contenc_writer {
   const struct content_encoding *handler;  /* Encoding handler. */
   struct contenc_writer *downstream;  /* Downstream writer. */
-  void *params;  /* Encoding-specific storage (variable length). */
   unsigned int order; /* Ordering within writer stack. */
+  void *params;  /* Encoding-specific storage (variable length). */
 };
 
 /* Content encoding writer. */

lib/curl_config_liteos_a.h

@@ -34,6 +34,9 @@
 /* to disable Gopher */
 #define CURL_DISABLE_GOPHER 1
 
+/* disable alt-svc */
+#define CURL_DISABLE_HSTS 1
+
 /* to disable HTTP */
 /* #undef CURL_DISABLE_HTTP */
 

lib/curl_config_liteos_m.h

@@ -34,6 +34,9 @@
 /* to disable Gopher */
 #define CURL_DISABLE_GOPHER 1
 
+/* disable alt-svc */
+#define CURL_DISABLE_HSTS 1
+
 /* to disable HTTP */
 /* #undef CURL_DISABLE_HTTP */
 

lib/curl_config_standard.h

@@ -37,6 +37,9 @@
 /* to disable Gopher */
 /* #undef CURL_DISABLE_GOPHER */
 
+/* disable alt-svc */
+#define CURL_DISABLE_HSTS 1
+
 /* to disable HTTP */
 /* #undef CURL_DISABLE_HTTP */