[OpenWrt-Devel] [PATCH v2 2/7] uclient-http: basic auth: Handle memory allocation failure
Tobias Schramm
tobleminer at gmail.com
Sun Feb 18 07:46:05 EST 2018
Allocation of the base64 buffer might fail, resulting in a null
ptr being passed to base64_encode as a target buffer
Signed-off-by: Tobias Schramm <tobleminer at gmail.com>
---
uclient-http.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/uclient-http.c b/uclient-http.c
index ef8de98..36e2b38 100644
--- a/uclient-http.c
+++ b/uclient-http.c
@@ -299,7 +299,7 @@ static bool uclient_request_supports_body(enum request_type req_type)
}
}
-static void
+static int
uclient_http_add_auth_basic(struct uclient_http *uh)
{
struct uclient_url *url = uh->uc.url;
@@ -307,11 +307,16 @@ uclient_http_add_auth_basic(struct uclient_http *uh)
char *auth_buf;
if (auth_len > 512)
- return;
+ return -EINVAL;
auth_buf = alloca(base64_len(auth_len) + 1);
+ if (!auth_buf)
+ return -ENOMEM;
+
base64_encode(url->auth, auth_len, auth_buf);
ustream_printf(uh->us, "Authorization: Basic %s\r\n", auth_buf);
+
+ return 0;
}
static char *digest_unquote_sep(char **str)
--
2.16.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list