mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
http: do not leak basic auth credentials on re-used connections
CVE-2015-3236 This partially reverts commit curl-7_39_0-237-g87c4abb Reported-by: Tomas Tomecek, Kamil Dudka Bug: http://curl.haxx.se/docs/adv_20150617A.html
This commit is contained in:
parent
24f0b6ebf7
commit
24a8359b25
16
lib/http.c
16
lib/http.c
@ -2312,20 +2312,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
|
||||
te
|
||||
);
|
||||
|
||||
/*
|
||||
* Free userpwd for Negotiate/NTLM. Cannot reuse as it is associated with
|
||||
* the connection and shouldn't be repeated over it either.
|
||||
*/
|
||||
switch (data->state.authhost.picked) {
|
||||
case CURLAUTH_NEGOTIATE:
|
||||
case CURLAUTH_NTLM:
|
||||
case CURLAUTH_NTLM_WB:
|
||||
Curl_safefree(conn->allocptr.userpwd);
|
||||
break;
|
||||
}
|
||||
/* clear userpwd to avoid re-using credentials from re-used connections */
|
||||
Curl_safefree(conn->allocptr.userpwd);
|
||||
|
||||
/*
|
||||
* Same for proxyuserpwd
|
||||
* Free proxyuserpwd for Negotiate/NTLM. Cannot reuse as it is associated
|
||||
* with the connection and shouldn't be repeated over it either.
|
||||
*/
|
||||
switch (data->state.authproxy.picked) {
|
||||
case CURLAUTH_NEGOTIATE:
|
||||
|
Loading…
Reference in New Issue
Block a user