diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2022-08-30 14:33:27 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2022-08-30 14:33:27 +0000 |
| commit | 4b60ba82863cd814086caf73e3de1cc4a3fa7b61 (patch) | |
| tree | 5916fc5ed2933382e1433d0ac1597e7adf127c0f /usr.sbin/rpki-client/http.c | |
| parent | f7c3708440c15997c9c7678d1fb6f23c94083d65 (diff) | |
Avoid leak in proxy_parse_uri()
with/ok claudio
Diffstat (limited to 'usr.sbin/rpki-client/http.c')
| -rw-r--r-- | usr.sbin/rpki-client/http.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/usr.sbin/rpki-client/http.c b/usr.sbin/rpki-client/http.c index d3263fe2d49..be8443eaacf 100644 --- a/usr.sbin/rpki-client/http.c +++ b/usr.sbin/rpki-client/http.c @@ -1,4 +1,4 @@ -/* $OpenBSD: http.c,v 1.64 2022/08/09 09:02:26 claudio Exp $ */ +/* $OpenBSD: http.c,v 1.65 2022/08/30 14:33:26 tb Exp $ */ /* * Copyright (c) 2020 Nils Fisher <nils_fisher@hotmail.com> * Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org> @@ -353,7 +353,7 @@ recode_credentials(const char *userinfo) static void proxy_parse_uri(char *uri) { - char *host, *port = NULL, *cred, *cookie = NULL; + char *fullhost, *host, *port = NULL, *cred, *cookie = NULL; if (uri == NULL) return; @@ -362,10 +362,10 @@ proxy_parse_uri(char *uri) errx(1, "%s: http_proxy not using http schema", http_info(uri)); host = uri + 7; - if ((host = strndup(host, strcspn(host, "/"))) == NULL) + if ((fullhost = strndup(host, strcspn(host, "/"))) == NULL) err(1, NULL); - cred = host; + cred = fullhost; host = strchr(cred, '@'); if (host != NULL) *host++ = '\0'; @@ -405,9 +405,12 @@ proxy_parse_uri(char *uri) if ((cookie = strdup("")) == NULL) err(1, NULL); - proxy.proxyhost = host; + if ((proxy.proxyhost = strdup(host)) == NULL) + err(1, NULL); proxy.proxyport = port; proxy.proxyauth = cookie; + + free(fullhost); } /* |