nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-28 14:23:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

SOCKS: Always free username/password before setting them.

Browse Source 
This fixes a memory leak found by fuzzing.
This commit is contained in:
Nick Mathewson 2018-07-12 14:20:56 -04:00
parent 2d0e1cef20
commit 04512d9fcd
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/core/proto/proto_socks.c
View File

@ -174,6 +174,7 @@ parse_socks4_request(const uint8_t *raw_data, socks_request_t *req,
goto end;
}
tor_free(req->username);
req->got_auth = 1;
req->username = tor_strdup(username);
req->usernamelen = usernamelen;
@ -445,6 +446,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
socks5_client_userpass_auth_getconstarray_passwd(trunnel_req);
if (usernamelen && username) {
tor_free(req->username);
req->username = tor_memdup_nulterm(username, usernamelen);
req->usernamelen = usernamelen;
@ -452,6 +454,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
}
if (passwordlen && password) {
tor_free(req->password);
req->password = tor_memdup_nulterm(password, passwordlen);
req->passwordlen = passwordlen;