diff options
author | Daniel Stenberg <daniel@haxx.se> | 2018-10-07 23:34:35 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-10-07 23:34:35 +0200 |
commit | 46957830091fe0a9fce436d0a94b7f44690fb305 (patch) | |
tree | 5a2da4a7d524c41f5ca79919d352817ce897518b | |
parent | b55e85d4ec53eead7e99efa34f78a981bee32994 (diff) | |
download | curl-46957830091fe0a9fce436d0a94b7f44690fb305.tar.gz |
curl_ntlm_wb: check aprintf() return codesbagder/ntlm_wb-aprintf-checks
... when they return NULL we're out of memory and MUST return failure.
-rw-r--r-- | lib/curl_ntlm_wb.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c index 949c7fa17..a4791eb41 100644 --- a/lib/curl_ntlm_wb.c +++ b/lib/curl_ntlm_wb.c @@ -324,6 +324,8 @@ static CURLcode ntlm_wb_response(struct connectdata *conn, conn->response_header = aprintf("NTLM %.*s", len_out - 4, buf + 3); free(buf); + if(!conn->response_header) + return CURLE_OUT_OF_MEMORY; return CURLE_OK; done: free(buf); @@ -399,6 +401,8 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn, conn->response_header); DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd)); free(conn->response_header); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; conn->response_header = NULL; break; case NTLMSTATE_TYPE2: @@ -419,6 +423,8 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn, ntlm->state = NTLMSTATE_TYPE3; /* we sent a type-3 */ authp->done = TRUE; Curl_ntlm_wb_cleanup(conn); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; break; case NTLMSTATE_TYPE3: /* connection is already authenticated, |