diff options
author | dartraiden <wowemuh@gmail.com> | 2019-05-22 15:38:52 +0300 |
---|---|---|
committer | dartraiden <wowemuh@gmail.com> | 2019-05-22 15:38:52 +0300 |
commit | 2dc913b65c76e8f51989cc20ce0ce8b1b087db37 (patch) | |
tree | 6b44ea975bd3fac9562ac10213aa67c1b95da03a /libs/libcurl/src/socks.c | |
parent | 06eb563066b96fc1c4931f3a5dcf17c4f6fa32c5 (diff) |
libcurl: update to 7.65
Diffstat (limited to 'libs/libcurl/src/socks.c')
-rw-r--r-- | libs/libcurl/src/socks.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/libs/libcurl/src/socks.c b/libs/libcurl/src/socks.c index d0aba0605a..d8fcc3bbba 100644 --- a/libs/libcurl/src/socks.c +++ b/libs/libcurl/src/socks.c @@ -155,7 +155,7 @@ CURLcode Curl_SOCKS4(const char *proxy_user, Curl_addrinfo *hp = NULL; int rc; - rc = Curl_resolv(conn, hostname, remote_port, &dns); + rc = Curl_resolv(conn, hostname, remote_port, FALSE, &dns); if(rc == CURLRESOLV_ERROR) return CURLE_COULDNT_RESOLVE_PROXY; @@ -290,7 +290,7 @@ CURLcode Curl_SOCKS4(const char *proxy_user, /* wrong version ? */ if(socksreq[0] != 0) { failf(data, - "SOCKS4 reply has wrong version, version should be 4."); + "SOCKS4 reply has wrong version, version should be 0."); return CURLE_COULDNT_CONNECT; } @@ -527,12 +527,24 @@ CURLcode Curl_SOCKS5(const char *proxy_user, len = 0; socksreq[len++] = 1; /* username/pw subnegotiation version */ socksreq[len++] = (unsigned char) proxy_user_len; - if(proxy_user && proxy_user_len) + if(proxy_user && proxy_user_len) { + /* the length must fit in a single byte */ + if(proxy_user_len >= 255) { + failf(data, "Excessive user name length for proxy auth"); + return CURLE_BAD_FUNCTION_ARGUMENT; + } memcpy(socksreq + len, proxy_user, proxy_user_len); + } len += proxy_user_len; socksreq[len++] = (unsigned char) proxy_password_len; - if(proxy_password && proxy_password_len) + if(proxy_password && proxy_password_len) { + /* the length must fit in a single byte */ + if(proxy_password_len > 255) { + failf(data, "Excessive password length for proxy auth"); + return CURLE_BAD_FUNCTION_ARGUMENT; + } memcpy(socksreq + len, proxy_password, proxy_password_len); + } len += proxy_password_len; code = Curl_write_plain(conn, sock, (char *)socksreq, len, &written); @@ -597,7 +609,7 @@ CURLcode Curl_SOCKS5(const char *proxy_user, else { struct Curl_dns_entry *dns; Curl_addrinfo *hp = NULL; - int rc = Curl_resolv(conn, hostname, remote_port, &dns); + int rc = Curl_resolv(conn, hostname, remote_port, FALSE, &dns); if(rc == CURLRESOLV_ERROR) return CURLE_COULDNT_RESOLVE_HOST; |