From 36504903e48df444c6f3db5776527ca1b1f2514d Mon Sep 17 00:00:00 2001 From: JinWang An Date: Fri, 19 Feb 2021 08:58:23 +0900 Subject: [CVE-2019-5481] Fix Double-free vulnerability Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. Change-Id: I99c27c62c1b7d15c2579102d2aac6d5a9a0a3d43 Signed-off-by: JinWang An --- Utilities/cmcurl/lib/security.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Utilities/cmcurl/lib/security.c b/Utilities/cmcurl/lib/security.c index 76951548d..831cf71c7 100644 --- a/Utilities/cmcurl/lib/security.c +++ b/Utilities/cmcurl/lib/security.c @@ -191,7 +191,6 @@ static CURLcode read_data(struct connectdata *conn, struct krb5buffer *buf) { int len; - void *tmp = NULL; CURLcode result; result = socket_read(fd, &len, sizeof(len)); @@ -201,12 +200,11 @@ static CURLcode read_data(struct connectdata *conn, if(len) { /* only realloc if there was a length */ len = ntohl(len); - tmp = Curl_saferealloc(buf->data, len); + buf->data = Curl_saferealloc(buf->data, len); } - if(tmp == NULL) + if(!len || !buf->data) return CURLE_OUT_OF_MEMORY; - buf->data = tmp; result = socket_read(fd, buf->data, len); if(result) return result; -- cgit v1.2.3