SOCKS: Always free username/password before setting them.

This fixes a memory leak found by fuzzing.
This commit is contained in:
Nick Mathewson 2018-07-12 14:20:56 -04:00
parent 2d0e1cef20
commit 04512d9fcd

View File

@ -174,6 +174,7 @@ parse_socks4_request(const uint8_t *raw_data, socks_request_t *req,
goto end;
}
tor_free(req->username);
req->got_auth = 1;
req->username = tor_strdup(username);
req->usernamelen = usernamelen;
@ -445,6 +446,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
socks5_client_userpass_auth_getconstarray_passwd(trunnel_req);
if (usernamelen && username) {
tor_free(req->username);
req->username = tor_memdup_nulterm(username, usernamelen);
req->usernamelen = usernamelen;
@ -452,6 +454,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
}
if (passwordlen && password) {
tor_free(req->password);
req->password = tor_memdup_nulterm(password, passwordlen);
req->passwordlen = passwordlen;