libfetch

Kyle Evans Sat, 15 Feb 2020 11:48:40 -0800

Author: kevans
Date: Sat Feb 15 19:47:49 2020
New Revision: 357979
URL: https://svnweb.freebsd.org/changeset/base/357979


Log:
  fetch(3): don't leak sockshost on failure
  
  fetch_socks5_getenv will allocate memory for the host (or set it to NULL) in
  all cases through the function; the caller is responsible for freeing it if
  we end up allocating.
  
  While I'm here, I've eliminated a label that just jumps to the next line...

Modified:
  head/lib/libfetch/common.c

Modified: head/lib/libfetch/common.c
==============================================================================
--- head/lib/libfetch/common.c  Sat Feb 15 19:39:50 2020        (r357978)
+++ head/lib/libfetch/common.c  Sat Feb 15 19:47:49 2020        (r357979)
@@ -557,8 +557,10 @@ fetch_socks5_getenv(char **host, int *port)
                *host = strndup(socks5env, ext - socks5env);
        }
 
-       if (*host == NULL)
-               goto fail;
+       if (*host == NULL) {
+               fprintf(stderr, "Failure to allocate memory, exiting.\n");
+               return (-1);
+       }
        if (ext == NULL) {
                *port = 1080; /* Default port as defined in RFC1928 */
        } else {
@@ -567,16 +569,14 @@ fetch_socks5_getenv(char **host, int *port)
                *port = strtoimax(ext, (char **)&endptr, 10);
                if (*endptr != '\0' || errno != 0 || *port < 0 ||
                    *port > 65535) {
+                       free(*host);
+                       *host = NULL;
                        socks5_seterr(SOCKS5_ERR_BAD_PORT);
                        return (0);
                }
        }
 
        return (2);
-
-fail:
-       fprintf(stderr, "Failure to allocate memory, exiting.\n");
-       return (-1);
 }
 
 
@@ -595,7 +595,11 @@ fetch_connect(const char *host, int port, int af, int 
 
        DEBUGF("---> %s:%d\n", host, port);
 
-       /* Check if SOCKS5_PROXY env variable is set */
+       /*
+        * Check if SOCKS5_PROXY env variable is set.  fetch_socks5_getenv
+        * will either set sockshost = NULL or allocate memory in all cases.
+        */
+       sockshost = NULL;
        if (!fetch_socks5_getenv(&sockshost, &socksport))
                goto fail;
 
@@ -662,7 +666,7 @@ fetch_connect(const char *host, int port, int af, int 
                                    "failed to connect to SOCKS5 server %s:%d",
                                    sockshost, socksport);
                        socks5_seterr(SOCKS5_ERR_CONN_REFUSED);
-                       goto syserr1;
+                       goto fail;
                }
                goto syserr;
        }
@@ -680,9 +684,8 @@ fetch_connect(const char *host, int port, int af, int 
        return (conn);
 syserr:
        fetch_syserr();
-syserr1:
-       goto fail;
 fail:
+       free(sockshost);
        if (sd >= 0)
                close(sd);
        if (cais != NULL)
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"

svn commit: r357979 - head/lib/libfetch

Reply via email to