commit 04512d9fcd03bde1cedfa09f208a4c410172fe22 Author: Nick Mathewson nickm@torproject.org Date: Thu Jul 12 14:20:56 2018 -0400

SOCKS: Always free username/password before setting them.

This fixes a memory leak found by fuzzing. --- src/core/proto/proto_socks.c | 3 +++ 1 file changed, 3 insertions(+)

diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c index 530436c41..9cc9568a4 100644 --- a/src/core/proto/proto_socks.c +++ b/src/core/proto/proto_socks.c @@ -174,6 +174,7 @@ parse_socks4_request(const uint8_t *raw_data, socks_request_t *req, goto end; }

+ tor_free(req->username); req->got_auth = 1; req->username = tor_strdup(username); req->usernamelen = usernamelen; @@ -445,6 +446,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req, socks5_client_userpass_auth_getconstarray_passwd(trunnel_req);

if (usernamelen && username) { + tor_free(req->username); req->username = tor_memdup_nulterm(username, usernamelen); req->usernamelen = usernamelen;

@@ -452,6 +454,7 @@ parse_socks5_userpass_auth(const uint8_t *raw_data, socks_request_t *req, }

if (passwordlen && password) { + tor_free(req->password); req->password = tor_memdup_nulterm(password, passwordlen); req->passwordlen = passwordlen;