From: Fabian Keil Date: Sun, 7 Feb 2021 12:24:15 +0000 (+0100) Subject: socks5_connect(): Don't try to send credentials when none are configured X-Git-Tag: v_3_0_32~11 X-Git-Url: http://www.privoxy.org/gitweb/%22https:/faq/developer-manual/man-page/static/@user-manual@@actions-help-prefix@HANDLE-AS-EMPTY-DOCUMENT?a=commitdiff_plain;h=85817cc55b9829e6c20db40d3a93b8380618463d;p=privoxy.git socks5_connect(): Don't try to send credentials when none are configured Fixes a crash due to a NULL-pointer dereference when the socks server misbehaves. OVE-20210207-0001. Reported by: Joshua Rogers (Opera) --- diff --git a/gateway.c b/gateway.c index 135b2173..e28ebb33 100644 --- a/gateway.c +++ b/gateway.c @@ -1180,11 +1180,20 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, if (!err && (sbuf[1] == '\x02')) { - /* check cbuf overflow */ - size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3; - if (auth_len > sizeof(cbuf)) + if (fwd->auth_username && fwd->auth_password) { - errstr = "SOCKS5 username and/or password too long"; + /* check cbuf overflow */ + size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3; + if (auth_len > sizeof(cbuf)) + { + errstr = "SOCKS5 username and/or password too long"; + err = 1; + } + } + else + { + errstr = "SOCKS5 server requested authentication while " + "no credentials are configured"; err = 1; }