From e980cbb8e7ca568719c7a9e9e31d566002d92f72 Mon Sep 17 00:00:00 2001
From: Cherish98 <66007047+Cherish98@users.noreply.github.com>
Date: Fri, 5 Jun 2020 17:36:11 +0000
Subject: socks: fix expected length of SOCKS5 reply

Commit 4a4b63d forgot to set the expected SOCKS5 reply length when the
reply ATYP is X'01'. This resulted in erroneously expecting more bytes
when the request length is greater than the reply length (e.g., when
remotely resolving the hostname).

Closes #5527
---
 lib/socks.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/lib/socks.c b/lib/socks.c
index 6031096f9..98b7818d8 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -935,6 +935,13 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
       /* IPv6 */
       len = 4 + 16 + 2;
     }
+    else if(socksreq[3] == 1) {
+      len = 4 + 4 + 2;
+    }
+    else {
+      failf(data, "SOCKS5 reply has wrong address type.");
+      return CURLE_COULDNT_CONNECT;
+    }
 
     /* At this point we already read first 10 bytes */
 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
-- 
cgit v1.2.3