Fixing memory leak

lresp variable is not freed properly, also taking the chance to switch the printf calls to hydra_report function
This commit is contained in:
David Maciejak 2019-05-31 17:14:45 +08:00 committed by GitHub
parent f6001f39e2
commit 5df0ab39c0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -79,9 +79,11 @@ void create_core_packet(int32_t control, char *ip, int32_t port) {
int32_t start_rtsp(int32_t s, char *ip, int32_t port, unsigned char options, char *miscptr, FILE * fp) {
char *empty = "";
char *login, *pass, buffer[1030], buffer2[500];
char *lresp;
memset(buffer, 0, sizeof(buffer));
memset(buffer2, 0, sizeof(buffer2));
if (strlen(login = hydra_get_next_login()) == 0)
login = empty;
if (strlen(pass = hydra_get_next_password()) == 0)
@ -95,12 +97,13 @@ int32_t start_rtsp(int32_t s, char *ip, int32_t port, unsigned char options, cha
lresp = hydra_receive_line(s);
if (lresp == NULL) {
fprintf(stderr, "[ERROR] no server reply\n");
hydra_report(stderr, "[ERROR] no server reply\n");
return 1;
}
if (is_NotFound(lresp)) {
printf("[INFO] Server does not need credentials\n");
free(lresp);
hydra_report(stderr, "[INFO] Server does not need credentials\n");
hydra_completed_pair_found();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {
return 3;
@ -112,6 +115,7 @@ int32_t start_rtsp(int32_t s, char *ip, int32_t port, unsigned char options, cha
if (use_Basic_Auth(lresp) == 1) {
free(lresp);
sprintf(buffer2, "%.249s:%.249s", login, pass);
hydra_tobase64((unsigned char *) buffer2, strlen(buffer2), sizeof(buffer2));
@ -121,43 +125,53 @@ int32_t start_rtsp(int32_t s, char *ip, int32_t port, unsigned char options, cha
hydra_report(stderr, "C:%s\n", buffer);
}
}
else {
if (use_Digest_Auth(lresp) == 1) {
char *dbuf = NULL;
char aux[500] = "";
char *pbuffer = hydra_strcasestr(lresp, "WWW-Authenticate: Digest ");
if (use_Digest_Auth(lresp) == 1) {
char *dbuf = NULL;
char aux[500] = "";
char *pbuffer = hydra_strcasestr(lresp, "WWW-Authenticate: Digest ");
strncpy(aux, pbuffer + strlen("WWW-Authenticate: Digest "), sizeof(aux));
aux[sizeof(aux) - 1] = '\0';
strncpy(aux, pbuffer + strlen("WWW-Authenticate: Digest "), sizeof(aux));
aux[sizeof(aux) - 1] = '\0';
free(lresp);
#ifdef LIBOPENSSL
sasl_digest_md5(dbuf, login, pass, aux, miscptr, "rtsp", hydra_address2string(ip), port, "");
sasl_digest_md5(dbuf, login, pass, aux, miscptr, "rtsp", hydra_address2string(ip), port, "");
#else
printf("[ERROR] Digest auth required but compiled without OpenSSL/MD5 support\n");
return 3;
hydra_report(stderr, "[ERROR] Digest auth required but compiled without OpenSSL/MD5 support\n");
return 3;
#endif
if (dbuf == NULL) {
fprintf(stderr, "[ERROR] digest generation failed\n");
return 3;
}
sprintf(buffer, "%.500sAuthorization: Digest %.500s\r\n\r\n", packet2, dbuf);
if (dbuf == NULL) {
hydra_report(stderr, "[ERROR] digest generation failed\n");
return 3;
}
sprintf(buffer, "%.500sAuthorization: Digest %.500s\r\n\r\n", packet2, dbuf);
if (debug) {
hydra_report(stderr, "C:%s\n", buffer);
if (debug) {
hydra_report(stderr, "C:%s\n", buffer);
}
}
}
if (strlen(buffer) == 0) {
hydra_report(stderr, "[ERROR] could not identify HTTP authentication used\n");
return 1;
}
if (hydra_send(s, buffer, strlen(buffer), 0) < 0) {
return 1;
}
lresp = NULL;
lresp = hydra_receive_line(s);
if ((is_NotFound(lresp))) {
if (lresp == NULL) {
hydra_report(stderr, "[ERROR] no server reply\n");
return 1;
}
if ((is_NotFound(lresp))) {
free(lresp);
hydra_completed_pair_found();
if (memcmp(hydra_get_next_pair(), &HYDRA_EXIT, sizeof(HYDRA_EXIT)) == 0) {
@ -165,8 +179,8 @@ int32_t start_rtsp(int32_t s, char *ip, int32_t port, unsigned char options, cha
}
return 1;
}
free(lresp);
hydra_completed_pair();
}