moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 15:48:49 -05:00
Code Issues Releases Wiki Activity

ntlm_wb: Fix theoretical memory leak

Browse Source 
Static analysis indicated that my commit 9008f3d564 ("ntlm_wb: Fix
hard-coded limit on NTLM auth packet size") introduced a potential
memory leak on an error path, because we forget to free the buffer
before returning an error.

Fix this.

Although actually, it never happens in practice because we never *get*
here with state == NTLMSTATE_TYPE1. The state is always zero. That
might want cleaning up in a separate patch.

Reported-by: Terri Oda
This commit is contained in:
David Woodhouse 2015-07-16 14:17:33 -04:00 committed by Jay Satiro
parent de74e856e6
commit 60b19630b0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/curl_ntlm_wb.c
View File

@ -306,7 +306,7 @@ static CURLcode ntlm_wb_response(struct connectdata *conn,
if(state == NTLMSTATE_TYPE1 &&
len_out == 3 &&
buf[0] == 'P' && buf[1] == 'W')
return CURLE_REMOTE_ACCESS_DENIED;
goto done;
/* invalid response */
if(len_out < 4)
goto done;