From: Joshua Rogers <jrogers@opera.com>
Date: Fri, 19 Nov 2021 17:57:26 +0000 (+0100)
Subject: send_http_request(): Prevent memory leaks when handling errors
X-Git-Tag: v_3_0_33~10
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/@protocol@@hostport@@force-prefix@@path@?a=commitdiff_plain;h=c48d1d6d08996116cbcea55cd3fc6c2a558e499a;p=privoxy.git

send_http_request(): Prevent memory leaks when handling errors

OVE-20211201-0001. CVE-2021-44542.
---

diff --git a/jcc.c b/jcc.c
index 659521c7..2d6ba77d 100644
--- a/jcc.c
+++ b/jcc.c
@@ -2206,6 +2206,7 @@ static int send_http_request(struct client_state *csp)
          update_client_headers(csp, to_send_len))
       {
          log_error(LOG_LEVEL_HEADER, "Error updating client headers");
+         freez(to_send);
          return 1;
       }
       csp->expected_client_content_length = 0;
@@ -2230,6 +2231,10 @@ static int send_http_request(struct client_state *csp)
    {
       log_error(LOG_LEVEL_CONNECT, "Failed sending request headers to: %s: %E",
          csp->http->hostport);
+      if (filter_client_body)
+      {
+         freez(to_send);
+      }
       return 1;
    }