From: Fabian Keil <fk@fabiankeil.de>
Date: Sat, 29 Feb 2020 08:49:39 +0000 (+0100)
Subject: finish_http_response(): Plug memory leak with CORS enabled
X-Git-Tag: v_3_0_29~456
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/developer-manual/@default-cgi@/static/@url@?a=commitdiff_plain;h=3bfbbaeeeef212763d53b89821e264e7fc97da74;p=privoxy.git

finish_http_response(): Plug memory leak with CORS enabled

Introduced in 9fd58c0d, not in any release.

Fixes CID 267166 "Resource leaks".
---

diff --git a/cgi.c b/cgi.c
index d23d9e65..ec86b64b 100644
--- a/cgi.c
+++ b/cgi.c
@@ -1594,7 +1594,7 @@ struct http_response *finish_http_response(struct client_state *csp, struct http
    if (NULL != csp->config->cors_allowed_origin)
    {
       enlist_unique_header(rsp->headers, "Access-Control-Allow-Origin",
-         strdup_or_die(csp->config->cors_allowed_origin));
+         csp->config->cors_allowed_origin);
       enlist_unique_header(rsp->headers, "Access-Control-Allow-Methods", "GET,POST");
       enlist_unique_header(rsp->headers, "Access-Control-Allow-Headers", "X-Requested-With");
       enlist_unique_header(rsp->headers, "Access-Control-Max-Age", "86400");