From: Fabian Keil <fk@fabiankeil.de>
Date: Sun, 7 Feb 2021 12:24:15 +0000 (+0100)
Subject: socks5_connect(): Don't try to send credentials when none are configured
X-Git-Tag: v_3_0_32~11
X-Git-Url: http://www.privoxy.org/gitweb/%22https:/static/user-manual/@default-cgi@send-stylesheet?a=commitdiff_plain;h=85817cc55b9829e6c20db40d3a93b8380618463d;p=privoxy.git

socks5_connect(): Don't try to send credentials when none are configured

Fixes a crash due to a NULL-pointer dereference when
the socks server misbehaves.

OVE-20210207-0001.

Reported by: Joshua Rogers (Opera)
---

diff --git a/gateway.c b/gateway.c
index 135b2173..e28ebb33 100644
--- a/gateway.c
+++ b/gateway.c
@@ -1180,11 +1180,20 @@ static jb_socket socks5_connect(const struct forward_spec *fwd,
 
    if (!err && (sbuf[1] == '\x02'))
    {
-      /* check cbuf overflow */
-      size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
-      if (auth_len > sizeof(cbuf))
+      if (fwd->auth_username && fwd->auth_password)
       {
-         errstr = "SOCKS5 username and/or password too long";
+         /* check cbuf overflow */
+         size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
+         if (auth_len > sizeof(cbuf))
+         {
+            errstr = "SOCKS5 username and/or password too long";
+            err = 1;
+         }
+      }
+      else
+      {
+         errstr = "SOCKS5 server requested authentication while "
+            "no credentials are configured";
          err = 1;
       }