summaryrefslogtreecommitdiffstats
path: root/Utilities/cmcurl/lib/socks.c
diff options
context:
space:
mode:
authorBrad King <brad.king@kitware.com>2019-05-22 18:15:06 (GMT)
committerBrad King <brad.king@kitware.com>2019-05-22 18:15:06 (GMT)
commita39138ef9a7f3e3ec94ae4fd99602ca711bbcf5f (patch)
treea4d546a554025fb11ec6cc32e7491b150cde35f3 /Utilities/cmcurl/lib/socks.c
parent2de8af0121c3ca64dcb82a1220d2ba255aab3553 (diff)
parentb26487c663ec29d972fd61adc2b14ac5880b78c7 (diff)
downloadCMake-a39138ef9a7f3e3ec94ae4fd99602ca711bbcf5f.zip
CMake-a39138ef9a7f3e3ec94ae4fd99602ca711bbcf5f.tar.gz
CMake-a39138ef9a7f3e3ec94ae4fd99602ca711bbcf5f.tar.bz2
Merge branch 'upstream-curl' into update-curl
* upstream-curl: curl 2019-05-22 (885ce314)
Diffstat (limited to 'Utilities/cmcurl/lib/socks.c')
-rw-r--r--Utilities/cmcurl/lib/socks.c26
1 files changed, 19 insertions, 7 deletions
diff --git a/Utilities/cmcurl/lib/socks.c b/Utilities/cmcurl/lib/socks.c
index d2209ad..d8fcc3b 100644
--- a/Utilities/cmcurl/lib/socks.c
+++ b/Utilities/cmcurl/lib/socks.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -54,7 +54,7 @@ int Curl_blockread_all(struct connectdata *conn, /* connection data */
ssize_t buffersize, /* max amount to read */
ssize_t *n) /* amount bytes read */
{
- ssize_t nread;
+ ssize_t nread = 0;
ssize_t allread = 0;
int result;
*n = 0;
@@ -155,7 +155,7 @@ CURLcode Curl_SOCKS4(const char *proxy_user,
Curl_addrinfo *hp = NULL;
int rc;
- rc = Curl_resolv(conn, hostname, remote_port, &dns);
+ rc = Curl_resolv(conn, hostname, remote_port, FALSE, &dns);
if(rc == CURLRESOLV_ERROR)
return CURLE_COULDNT_RESOLVE_PROXY;
@@ -290,7 +290,7 @@ CURLcode Curl_SOCKS4(const char *proxy_user,
/* wrong version ? */
if(socksreq[0] != 0) {
failf(data,
- "SOCKS4 reply has wrong version, version should be 4.");
+ "SOCKS4 reply has wrong version, version should be 0.");
return CURLE_COULDNT_CONNECT;
}
@@ -527,12 +527,24 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
len = 0;
socksreq[len++] = 1; /* username/pw subnegotiation version */
socksreq[len++] = (unsigned char) proxy_user_len;
- if(proxy_user && proxy_user_len)
+ if(proxy_user && proxy_user_len) {
+ /* the length must fit in a single byte */
+ if(proxy_user_len >= 255) {
+ failf(data, "Excessive user name length for proxy auth");
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ }
memcpy(socksreq + len, proxy_user, proxy_user_len);
+ }
len += proxy_user_len;
socksreq[len++] = (unsigned char) proxy_password_len;
- if(proxy_password && proxy_password_len)
+ if(proxy_password && proxy_password_len) {
+ /* the length must fit in a single byte */
+ if(proxy_password_len > 255) {
+ failf(data, "Excessive password length for proxy auth");
+ return CURLE_BAD_FUNCTION_ARGUMENT;
+ }
memcpy(socksreq + len, proxy_password, proxy_password_len);
+ }
len += proxy_password_len;
code = Curl_write_plain(conn, sock, (char *)socksreq, len, &written);
@@ -597,7 +609,7 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
else {
struct Curl_dns_entry *dns;
Curl_addrinfo *hp = NULL;
- int rc = Curl_resolv(conn, hostname, remote_port, &dns);
+ int rc = Curl_resolv(conn, hostname, remote_port, FALSE, &dns);
if(rc == CURLRESOLV_ERROR)
return CURLE_COULDNT_RESOLVE_HOST;