From: Joshua Rogers <jrogers@opera.com>
Date: Fri, 19 Nov 2021 17:31:59 +0000 (+0100)
Subject: process_encrypted_request_headers(): Free header memory when failing
X-Git-Tag: v_3_0_33~9
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/static/user-manual/@default-cgi@send-stylesheet?a=commitdiff_plain;h=0509c58045b26463844188e07c5e87c74ea21044;p=privoxy.git

process_encrypted_request_headers(): Free header memory when failing

... to get the request destination.

OVE-20211201-0002. CVE-2021-44541.
---

diff --git a/jcc.c b/jcc.c
index 2d6ba77d..2beca7b6 100644
--- a/jcc.c
+++ b/jcc.c
@@ -2806,6 +2806,8 @@ static jb_err process_encrypted_request_headers(struct client_state *csp)
          "Failed to get the encrypted request destination");
       ssl_send_data_delayed(&(csp->ssl_client_attr),
          (const unsigned char *)CHEADER, strlen(CHEADER), get_write_delay(csp));
+      destroy_list(headers);
+
       return JB_ERR_PARSE;
    }