X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=gateway.c;h=e28ebb331719bc05f834da945ccbffcda48595de;hp=dcea154b44ca521b39c5683d89447ff5b724f790;hb=85817cc55b9;hpb=27e65aebe090f8f90a6348571d3677ed72dabccd

diff --git a/gateway.c b/gateway.c
index dcea154b..e28ebb33 100644
--- a/gateway.c
+++ b/gateway.c
@@ -6,7 +6,7 @@
  *                using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4
  *                or SOCKS5 proxy).
  *
- * Copyright   :  Written by and Copyright (C) 2001-2017 the
+ * Copyright   :  Written by and Copyright (C) 2001-2020 the
  *                Privoxy team. https://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
@@ -356,6 +356,26 @@ void forget_connection(jb_socket sfd)
 
 
 #ifdef FEATURE_CONNECTION_KEEP_ALIVE
+/*********************************************************************
+ *
+ * Function    :  string_or_none
+ *
+ * Description :  Returns a given string or "none" if a NULL pointer
+ *                is given.
+ *                Helper function for connection_destination_matches().
+ *
+ * Parameters  :
+ *          1  :  string = The string to check.
+ *
+ * Returns     :  The string if non-NULL, "none" otherwise.
+ *
+ *********************************************************************/
+static const char *string_or_none(const char *string)
+{
+   return(string != NULL ? string : "none");
+}
+
+
 /*********************************************************************
  *
  * Function    :  connection_detail_matches
@@ -424,8 +444,8 @@ int connection_destination_matches(const struct reusable_connection *connection,
    {
       log_error(LOG_LEVEL_CONNECT,
          "Gateway mismatch. Previous gateway: %s. Current gateway: %s",
-         connection->gateway_host != NULL ? connection->gateway_host : "none",
-         fwd->gateway_host != NULL ? fwd->gateway_host : "none");
+         string_or_none(connection->gateway_host),
+         string_or_none(fwd->gateway_host));
       return FALSE;
    }
 
@@ -433,8 +453,8 @@ int connection_destination_matches(const struct reusable_connection *connection,
    {
       log_error(LOG_LEVEL_CONNECT, "Socks user name mismatch. "
          "Previous user name: %s. Current user name: %s",
-         connection->auth_username != NULL ? connection->auth_username : "none",
-         fwd->auth_username != NULL ? fwd->auth_username : "none");
+         string_or_none(connection->auth_username),
+         string_or_none(fwd->auth_username));
       return FALSE;
    }
 
@@ -442,8 +462,8 @@ int connection_destination_matches(const struct reusable_connection *connection,
    {
       log_error(LOG_LEVEL_CONNECT, "Socks user name mismatch. "
          "Previous password: %s. Current password: %s",
-         connection->auth_password != NULL ? connection->auth_password : "none",
-         fwd->auth_password != NULL ?  fwd->auth_password : "none");
+         string_or_none(connection->auth_password),
+         string_or_none(fwd->auth_password));
       return FALSE;
    }
 
@@ -451,8 +471,8 @@ int connection_destination_matches(const struct reusable_connection *connection,
    {
       log_error(LOG_LEVEL_CONNECT,
          "Forwarding proxy mismatch. Previous proxy: %s. Current proxy: %s",
-         connection->forward_host != NULL ? connection->forward_host : "none",
-         fwd->forward_host != NULL ? fwd->forward_host : "none");
+         string_or_none(connection->forward_host),
+         string_or_none(fwd->forward_host));
       return FALSE;
    }
 
@@ -1160,11 +1180,20 @@ static jb_socket socks5_connect(const struct forward_spec *fwd,
 
    if (!err && (sbuf[1] == '\x02'))
    {
-      /* check cbuf overflow */
-      size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
-      if (auth_len > sizeof(cbuf))
+      if (fwd->auth_username && fwd->auth_password)
+      {
+         /* check cbuf overflow */
+         size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
+         if (auth_len > sizeof(cbuf))
+         {
+            errstr = "SOCKS5 username and/or password too long";
+            err = 1;
+         }
+      }
+      else
       {
-         errstr = "SOCKS5 username and/or password too long";
+         errstr = "SOCKS5 server requested authentication while "
+            "no credentials are configured";
          err = 1;
       }
 
@@ -1226,7 +1255,7 @@ static jb_socket socks5_connect(const struct forward_spec *fwd,
    cbuf[client_pos++] = (char)(hostlen & 0xffu);
    assert(sizeof(cbuf) - client_pos > (size_t)255);
    /* Using strncpy because we really want the nul byte padding. */
-   strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos);
+   strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos - 1);
    client_pos += (hostlen & 0xffu);
    cbuf[client_pos++] = (char)((target_port >> 8) & 0xff);
    cbuf[client_pos++] = (char)((target_port     ) & 0xff);