CVE-2023-38545 — curl SOCKS5 heap overflow via state-machine re-entrancy
CVE-2023-38545 is a heap buffer overflow in curl's SOCKS5 proxy handshake (do_SOCKS5 in lib/socks.c). It is reachable when socks5h:// (CURLPROXY_SOCKS5_HOSTNAME) is used and the destination hostname is longer than 255 bytes. A slow SOCKS5 handshake causes the state machine to be re-entered, and a stack-local 'should-resolve-locally' flag is silently reset. This eventually leads to a memcpy of an attacker-controlled long hostname into data->state.buffer, a heap buffer that is 16KB by default and configurable down to 1024 via CURLOPT_BUFFERSIZE.
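
The re-entrancy flaw described above, as a small C model added here for illustration; it is not curl's code and not part of the original page, and it performs no copy, only reporting how many hostname bytes would be placed in the request. The names hs_step, run_handshake, struct handshake and the hardened switch are hypothetical, and the hardened branch (rejecting names over 255 bytes) is an assumed mitigation.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define SOCKS5_MAX_HOST 255  /* SOCKS5 sends the name length in one byte */
enum hs_state { HS_INIT, HS_REQUEST, HS_DONE };  /* hypothetical names */
struct handshake { enum hs_state state; bool hardened; };

/* One entry into the modelled state machine. would_block models a slow
 * proxy: the call returns after HS_INIT and has to be re-entered.
 * Returns the hostname bytes that would go into the request buffer,
 * 0 if none (local resolve, or not that far yet), -1 if rejected. */
long hs_step(struct handshake *h, const char *host, bool would_block)
{
  size_t len = strlen(host);
  bool resolve_local = false;  /* re-initialised on every entry: the flaw */
  switch(h->state) {
  case HS_INIT:
    if(len > SOCKS5_MAX_HOST) {
      if(h->hardened)
        return -1;             /* assumed mitigation: fail, no fallback */
      resolve_local = true;    /* decision lives only in this stack frame */
    }
    h->state = HS_REQUEST;
    if(would_block)
      return 0;                /* slow handshake: caller re-enters later */
    /* FALLTHROUGH */
  case HS_REQUEST:
    h->state = HS_DONE;
    return resolve_local ? 0 : (long)len;  /* len can exceed 255 here */
  default:
    return 0;
  }
}

/* Drive one handshake with a constructed hostname of host_len bytes. */
long run_handshake(bool hardened, size_t host_len, bool slow)
{
  char host[1024];
  struct handshake h = { HS_INIT, hardened };
  long n;
  if(host_len >= sizeof(host)) return -1;
  memset(host, 'a', host_len);
  host[host_len] = '\0';
  n = hs_step(&h, host, slow);
  if(n == 0 && h.state == HS_REQUEST)
    n = hs_step(&h, host, false);  /* re-entry after the slow read */
  return n;
}
```

With a fast handshake the over-long name is never placed in the request; with a slow one the re-entered call has lost the flag and reports a length above the 255-byte protocol limit.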