if (!err && (sbuf[1] == '\x02'))
{
- /* check cbuf overflow */
- size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
- if (auth_len > sizeof(cbuf))
+ if (fwd->auth_username && fwd->auth_password)
{
- errstr = "SOCKS5 username and/or password too long";
+ /* check cbuf overflow */
+ size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
+ if (auth_len > sizeof(cbuf))
+ {
+ errstr = "SOCKS5 username and/or password too long";
+ err = 1;
+ }
+ }
+ else
+ {
+ errstr = "SOCKS5 server requested authentication while "
+ "no credentials are configured";
err = 1;
}
cbuf[client_pos++] = (char)(hostlen & 0xffu);
assert(sizeof(cbuf) - client_pos > (size_t)255);
/* Using strncpy because we really want the nul byte padding. */
- strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos);
+ strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos - 1);
client_pos += (hostlen & 0xffu);
cbuf[client_pos++] = (char)((target_port >> 8) & 0xff);
cbuf[client_pos++] = (char)((target_port ) & 0xff);