[Privoxy-commits] [privoxy] 08/38: rfc2553_connect_to(): Prevent theoretical memory disclosure through the CGI interface
User Git
git at git.privoxy.org
Thu Apr 9 09:37:06 CEST 2026
This is an automated email from the git hooks/post-receive script.
git pushed a commit to branch master
in repository privoxy.
commit 49889e43ed82e1a8c793987943e103bc4ff0e78b
Author: Fabian Keil <fk at fabiankeil.de>
AuthorDate: Thu Apr 2 14:55:45 2026 +0200
rfc2553_connect_to(): Prevent theoretical memory disclosure through the CGI interface
... if a request is rejected due to ACLs.
It's theoretical due to a bug in the ACL code that will
be fixed in a following commit.
---
jbsockets.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/jbsockets.c b/jbsockets.c
index 70ddea4d..c98a1f6b 100644
--- a/jbsockets.c
+++ b/jbsockets.c
@@ -250,7 +250,7 @@ static jb_socket rfc2553_connect_to(const char *host, int portnum, struct client
return(JB_INVALID_SOCKET);
}
- csp->http->host_ip_addr_str = malloc_or_die(NI_MAXHOST);
+ csp->http->host_ip_addr_str = zalloc_or_die(NI_MAXHOST);
for (rp = result; rp != NULL; rp = rp->ai_next)
{
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Privoxy-commits
mailing list