From: Joshua Rogers Date: Fri, 19 Nov 2021 17:57:26 +0000 (+0100) Subject: send_http_request(): Prevent memory leaks when handling errors X-Git-Tag: v_3_0_33~10 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/developer-manual/faq/user-manual/easr?a=commitdiff_plain;h=c48d1d6d08996116cbcea55cd3fc6c2a558e499a;p=privoxy.git send_http_request(): Prevent memory leaks when handling errors OVE-20211201-0001. CVE-2021-44542. --- diff --git a/jcc.c b/jcc.c index 659521c7..2d6ba77d 100644 --- a/jcc.c +++ b/jcc.c @@ -2206,6 +2206,7 @@ static int send_http_request(struct client_state *csp) update_client_headers(csp, to_send_len)) { log_error(LOG_LEVEL_HEADER, "Error updating client headers"); + freez(to_send); return 1; } csp->expected_client_content_length = 0; @@ -2230,6 +2231,10 @@ static int send_http_request(struct client_state *csp) { log_error(LOG_LEVEL_CONNECT, "Failed sending request headers to: %s: %E", csp->http->hostport); + if (filter_client_body) + { + freez(to_send); + } return 1; }