summaryrefslogtreecommitdiff
path: root/lib/curl_sasl.c
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2016-04-03 17:55:17 +0100
committerSteve Holme <steve_holme@hotmail.com>2016-04-03 17:55:17 +0100
commite655ae0c80aa3ddbacc20cac349336e4696d7d74 (patch)
treeaedb212a557b283e06c65adb069d13cd696f13d3 /lib/curl_sasl.c
parent7a7cdf264dbf40210c728d1fb3293968826a0d38 (diff)
downloadcurl-e655ae0c80aa3ddbacc20cac349336e4696d7d74.tar.gz
curl_sasl: Fixed potential null pointer utilisation
Although this should never happen due to the relationship between the 'mech' and 'resp' variables, and the way they are allocated together, it does cause problems for code analysis tools: V595 The 'mech' pointer was utilized before it was verified against nullptr. Check lines: 376, 381. curl_sasl.c 376 Bug: https://github.com/curl/curl/issues/745 Reported-by: Alexis La Goutte
Diffstat (limited to 'lib/curl_sasl.c')
-rw-r--r--lib/curl_sasl.c12
1 files changed, 5 insertions, 7 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index a4568d6d3..13cf4e954 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -373,19 +373,17 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
}
}
- if(!result) {
+ if(!result && mech) {
if(resp && sasl->params->maxirlen &&
strlen(mech) + len > sasl->params->maxirlen) {
free(resp);
resp = NULL;
}
- if(mech) {
- result = sasl->params->sendauth(conn, mech, resp);
- if(!result) {
- *progress = SASL_INPROGRESS;
- state(sasl, conn, resp? state2: state1);
- }
+ result = sasl->params->sendauth(conn, mech, resp);
+ if(!result) {
+ *progress = SASL_INPROGRESS;
+ state(sasl, conn, resp ? state2 : state1);
}
}