commit 04512d9fcd03bde1cedfa09f208a4c410172fe22
parent 2d0e1cef20036412ed57c287553623293ab65031
Author: Nick Mathewson <nickm@torproject.org>
Date: Thu, 12 Jul 2018 14:20:56 -0400
SOCKS: Always free username/password before setting them.
This fixes a memory leak found by fuzzing.
Diffstat:
1 file changed, 3 insertions(+), 0 deletions(-)
diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c
@@ -174,6 +174,7 @@ parse_socks4_request(const uint8_t *raw_data, socks_request_t *req,
goto end;
}
+ tor_free(req->username);
req->got_auth = 1;
req->username = tor_strdup(username);
req->usernamelen = usernamelen;
@@ -445,6 +446,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
socks5_client_userpass_auth_getconstarray_passwd(trunnel_req);
if (usernamelen && username) {
+ tor_free(req->username);
req->username = tor_memdup_nulterm(username, usernamelen);
req->usernamelen = usernamelen;
@@ -452,6 +454,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req,
}
if (passwordlen && password) {
+ tor_free(req->password);
req->password = tor_memdup_nulterm(password, passwordlen);
req->passwordlen = passwordlen;
