[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnurl] 19/41: parse_proxy(): fix memory leak in case of in
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnurl] 19/41: parse_proxy(): fix memory leak in case of invalid proxy server name |
Date: |
Sun, 20 Aug 2017 20:46:41 +0200 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to annotated tag gnurl-7.55.1
in repository gnurl.
commit 6e0e152ce5cfe2b7b024726d48a011f81826ebde
Author: Even Rouault <address@hidden>
AuthorDate: Fri Aug 11 11:29:09 2017 +0200
parse_proxy(): fix memory leak in case of invalid proxy server name
Fixes the below leak:
$ valgrind --leak-check=full ~/install-curl-git/bin/curl --proxy
"http://a:b@/x" http://127.0.0.1
curl: (5) Couldn't resolve proxy name
==5048==
==5048== HEAP SUMMARY:
==5048== in use at exit: 532 bytes in 12 blocks
==5048== total heap usage: 5,288 allocs, 5,276 frees, 445,271 bytes
allocated
==5048==
==5048== 2 bytes in 1 blocks are definitely lost in loss record 1 of 12
==5048== at 0x4C2DB8F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==5048== by 0x4E6CB79: parse_login_details (url.c:5614)
==5048== by 0x4E6BA82: parse_proxy (url.c:5091)
==5048== by 0x4E6C46D: create_conn_helper_init_proxy (url.c:5346)
==5048== by 0x4E6EA18: create_conn (url.c:6498)
==5048== by 0x4E6F9B4: Curl_connect (url.c:6967)
==5048== by 0x4E86D05: multi_runsingle (multi.c:1436)
==5048== by 0x4E88432: curl_multi_perform (multi.c:2160)
==5048== by 0x4E7C515: easy_transfer (easy.c:708)
==5048== by 0x4E7C74A: easy_perform (easy.c:794)
==5048== by 0x4E7C7B1: curl_easy_perform (easy.c:813)
==5048== by 0x414025: operate_do (tool_operate.c:1563)
==5048==
==5048== 2 bytes in 1 blocks are definitely lost in loss record 2 of 12
==5048== at 0x4C2DB8F: malloc (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==5048== by 0x4E6CBB6: parse_login_details (url.c:5621)
==5048== by 0x4E6BA82: parse_proxy (url.c:5091)
==5048== by 0x4E6C46D: create_conn_helper_init_proxy (url.c:5346)
==5048== by 0x4E6EA18: create_conn (url.c:6498)
==5048== by 0x4E6F9B4: Curl_connect (url.c:6967)
==5048== by 0x4E86D05: multi_runsingle (multi.c:1436)
==5048== by 0x4E88432: curl_multi_perform (multi.c:2160)
==5048== by 0x4E7C515: easy_transfer (easy.c:708)
==5048== by 0x4E7C74A: easy_perform (easy.c:794)
==5048== by 0x4E7C7B1: curl_easy_perform (easy.c:813)
==5048== by 0x414025: operate_do (tool_operate.c:1563)
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2984
Credit to OSS Fuzz for discovery
Closes #1761
---
lib/url.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/lib/url.c b/lib/url.c
index 2e7934375..71d4d8bb7 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -5149,11 +5149,14 @@ static CURLcode parse_proxy(struct Curl_easy *data,
conn->port = port;
}
else {
- if(proxyptr[0]=='/')
+ if(proxyptr[0]=='/') {
/* If the first character in the proxy string is a slash, fail
immediately. The following code will otherwise clear the string which
will lead to code running as if no proxy was set! */
+ Curl_safefree(proxyuser);
+ Curl_safefree(proxypasswd);
return CURLE_COULDNT_RESOLVE_PROXY;
+ }
/* without a port number after the host name, some people seem to use
a slash so we strip everything from the first slash */
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [gnurl] 03/41: curl: do bounds check using a double comparison, (continued)
- [GNUnet-SVN] [gnurl] 03/41: curl: do bounds check using a double comparison, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 07/41: build: check out *.sln files with Windows line endings, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 10/41: metalink: fix error: ‘*’ in boolean context, suggest ‘&&’ instead, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 09/41: dist: fix the cmake build by shipping cmake_uninstall.cmake.in too, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 02/41: make install: add 8 missing man pages to the installation, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 16/41: openssl: fix "error: this statement may fall through", gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 21/41: test2033: this went flaky again, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 20/41: test1447: verifies the parse proxy fix in 6e0e152ce5c, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 15/41: openssl: remove CONST_ASN1_BIT_STRING., gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 08/41: travis: verify "make install", gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 19/41: parse_proxy(): fix memory leak in case of invalid proxy server name,
gnunet <=
- [GNUnet-SVN] [gnurl] 38/41: cmake: Threads detection update. ref: #1702, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 05/41: digest_sspi: Don't reuse context if the user/passwd has changed, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 11/41: cmake: move cmake_uninstall.cmake to CMake/, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 14/41: maketgz: remove old *.dist files before making the tarball, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 28/41: bagder/Curl_tvdiff_us: fix the math, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 32/41: travis: test cmake build on tarball too, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 26/41: docs: fix typo funtion -> function, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 33/41: test2032: mark as flaky (again), gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 18/41: RELEASE-NOTES: synced with 37f2195a9, gnunet, 2017/08/20
- [GNUnet-SVN] [gnurl] 40/41: RELEASE-NOTES/THANKS: curl 7.55.1 release time, gnunet, 2017/08/20