From 0dec3e5e6a3d9f2279b58afae133a0910badcfa3 Mon Sep 17 00:00:00 2001
From: Dan Fandrich <dan@coneharvesters.com>
Date: Tue, 11 Aug 2009 02:30:53 +0000
Subject: [PATCH] Fixed a memory leak in the FTP code and an off-by-one heap
 buffer overflow.

---
 CHANGES   | 3 +++
 lib/ftp.c | 6 +++---
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index e5fec2df0e..4ade707947 100644
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,9 @@
 
                                   Changelog
 
+Daniel Fandrich (10 Aug 2009)
+- Fixed a memory leak in the FTP code and an off-by-one heap buffer overflow.
+
 Daniel Fandrich (9 Aug 2009)
 - Fixed some memory leaks in the command-line tool that caused most of the
   torture tests to fail.
diff --git a/lib/ftp.c b/lib/ftp.c
index 4ded990b69..765ac841c5 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -926,9 +926,9 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
     char *port_start = NULL;
     char *port_sep = NULL;
 
-    addr = malloc(addrlen);
-    memset(addr, 0, addrlen);
-
+    addr = calloc(addrlen+1, 1);
+    if (!addr)
+      return CURLE_OUT_OF_MEMORY;
 
 #ifdef ENABLE_IPV6
     if(*string_ftpport == '[') {
-- 
GitLab