[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnurl] 126/151: ntlm_wb: fix double-free in OOM
From: |
gnunet |
Subject: |
[gnurl] 126/151: ntlm_wb: fix double-free in OOM |
Date: |
Fri, 20 Dec 2019 14:27:15 +0100 |
This is an automated email from the git hooks/post-receive script.
ng0 pushed a commit to branch master
in repository gnurl.
commit 68ffe6c17d6e44b459d60805813f646d244a186b
Author: Daniel Stenberg <address@hidden>
AuthorDate: Fri Dec 13 12:27:49 2019 +0100
ntlm_wb: fix double-free in OOM
Detected by torture testing test 1310
Closes #4710
---
lib/curl_ntlm_wb.c | 17 ++++++-----------
1 file changed, 6 insertions(+), 11 deletions(-)
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index 80266e2a4..30b54de44 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -108,10 +108,8 @@ void Curl_http_auth_cleanup_ntlm_wb(struct connectdata
*conn)
conn->ntlm_auth_hlpr_pid = 0;
}
- free(conn->challenge_header);
- conn->challenge_header = NULL;
- free(conn->response_header);
- conn->response_header = NULL;
+ Curl_safefree(conn->challenge_header);
+ Curl_safefree(conn->response_header);
}
static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
@@ -393,7 +391,6 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
struct auth *authp;
CURLcode res = CURLE_OK;
- char *input;
DEBUGASSERT(conn);
DEBUGASSERT(conn->data);
@@ -444,19 +441,17 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
proxy ? "Proxy-" : "",
conn->response_header);
DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd));
- free(conn->response_header);
+ Curl_safefree(conn->response_header);
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
- conn->response_header = NULL;
break;
- case NTLMSTATE_TYPE2:
- input = aprintf("TT %s\n", conn->challenge_header);
+ case NTLMSTATE_TYPE2: {
+ char *input = aprintf("TT %s\n", conn->challenge_header);
if(!input)
return CURLE_OUT_OF_MEMORY;
res = ntlm_wb_response(conn, input, *state);
free(input);
- input = NULL;
if(res)
return res;
@@ -471,7 +466,7 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
break;
-
+ }
case NTLMSTATE_TYPE3:
/* connection is already authenticated,
* don't send a header in future requests */
--
To stop receiving notification emails like this one, please contact
address@hidden.
- [gnurl] 94/151: lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAIN, (continued)
- [gnurl] 94/151: lib: fix some loose ends for recently added CURLSSLOPT_NO_PARTIALCHAIN, gnunet, 2019/12/20
- [gnurl] 89/151: CMake: add support for building with the NSS vtls backend, gnunet, 2019/12/20
- [gnurl] 101/151: cirrus: enable clang sanitizers on freebsd 13, gnunet, 2019/12/20
- [gnurl] 110/151: RELEASE-NOTES: synced, gnunet, 2019/12/20
- [gnurl] 112/151: conncache: CONNECT_ONLY connections assumed always in-use, gnunet, 2019/12/20
- [gnurl] 115/151: mailmap: fix Andrew Ishchuk, gnunet, 2019/12/20
- [gnurl] 113/151: runtests: introduce --shallow to reduce huge torture tests, gnunet, 2019/12/20
- [gnurl] 117/151: doh: make it behave when built without proxy support, gnunet, 2019/12/20
- [gnurl] 120/151: lib1557: fix mem-leak in OOM, gnunet, 2019/12/20
- [gnurl] 121/151: lib1559: fix mem-leak in OOM, gnunet, 2019/12/20
- [gnurl] 126/151: ntlm_wb: fix double-free in OOM,
gnunet <=
- [gnurl] 124/151: unit1620: fix bad free in OOM, gnunet, 2019/12/20
- [gnurl] 128/151: azure: add a torture test, gnunet, 2019/12/20
- [gnurl] 130/151: hostip: suppress compiler warning, gnunet, 2019/12/20
- [gnurl] 136/151: lib1591: free memory properly on OOM, in the trailers callback, gnunet, 2019/12/20
- [gnurl] 138/151: winbuild: Document CURL_STATICLIB requirement for static libcurl, gnunet, 2019/12/20
- [gnurl] 142/151: KNOWN_BUGS: LDAP on Windows doesn't work, gnunet, 2019/12/20
- [gnurl] 132/151: multi: free sockhash on OOM, gnunet, 2019/12/20
- [gnurl] 135/151: runtests: --repeat=[num] to repeat tests, gnunet, 2019/12/20
- [gnurl] 133/151: azure: add a torture test on mac, gnunet, 2019/12/20
- [gnurl] 143/151: KNOWN_BUGS: Connection information when using TCP Fast Open, gnunet, 2019/12/20