curl_sasl: Fixed potential null pointer utilisation

Although this should never happen due to the relationship between the 'mech' and 'resp' variables, and the way they are allocated together, it does cause problems for code analysis tools: V595 The 'mech' pointer was utilized before it was verified against nullptr. Check lines: 376, 381. curl_sasl.c 376 Bug: https://github.com/curl/curl/issues/745 Reported-by: Alexis La Goutte
author: Steve Holme <steve_holme@hotmail.com> 2016-04-03 17:55:17 +0100
committer: Steve Holme <steve_holme@hotmail.com> 2016-04-03 17:55:17 +0100
commit: e655ae0c80aa3ddbacc20cac349336e4696d7d74 (patch)
tree: aedb212a557b283e06c65adb069d13cd696f13d3 /lib/curl_sasl.c
parent: 7a7cdf264dbf40210c728d1fb3293968826a0d38 (diff)
download: curl-e655ae0c80aa3ddbacc20cac349336e4696d7d74.tar.gz
1 files changed, 5 insertions, 7 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index a4568d6d3..13cf4e954 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -373,19 +373,17 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
     }
   }
 
-  if(!result) {
+  if(!result && mech) {
     if(resp && sasl->params->maxirlen &&
        strlen(mech) + len > sasl->params->maxirlen) {
       free(resp);
       resp = NULL;
     }
 
-    if(mech) {
-      result = sasl->params->sendauth(conn, mech, resp);
-      if(!result) {
-        *progress = SASL_INPROGRESS;
-        state(sasl, conn, resp? state2: state1);
-      }
+    result = sasl->params->sendauth(conn, mech, resp);
+    if(!result) {
+      *progress = SASL_INPROGRESS;
+      state(sasl, conn, resp ? state2 : state1);
     }
   }
author	Steve Holme <steve_holme@hotmail.com>	2016-04-03 17:55:17 +0100
committer	Steve Holme <steve_holme@hotmail.com>	2016-04-03 17:55:17 +0100
commit	e655ae0c80aa3ddbacc20cac349336e4696d7d74 (patch)
tree	aedb212a557b283e06c65adb069d13cd696f13d3 /lib/curl_sasl.c
parent	7a7cdf264dbf40210c728d1fb3293968826a0d38 (diff)
download	curl-e655ae0c80aa3ddbacc20cac349336e4696d7d74.tar.gz