OOM fixes in http_negociate.c and lib/splay.c

Fix 2 OOM errors: a missing NULL-check in lib/http_negociate.c and a potential NULL dereferencing in lib/splay.c
2010-05-25 06:53:48 -07:00 · 2010-05-25 06:53:48 -07:00 · 9e480973eb
parent 2e056353b0
commit 9e480973eb
3 changed files with 9 additions and 4 deletions
--- a/3
+++ b/3
@ -6,6 +6,9 @@

                                  Changelog

+- Julien Chaffraix fixed 2 OOM errors: a missing NULL-check in
+  lib/http_negociate.c and a potential NULL dereferencing in lib/splay.c
+
 Daniel Stenberg (25 May 2010)
 - Howard Chu brought a patch that makes the LDAP code much cleaner, nicer and
  in general being a better libcurl citizen. If a new enough OpenLDAP version
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@ -308,6 +308,8 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
      free(neg_ctx->output_token.value);
      responseToken = NULL;
      neg_ctx->output_token.value = malloc(spnegoTokenLength);
+      if(neg_ctx->output_token.value == NULL)
+        return CURLE_OUT_OF_MEMORY;
      memcpy(neg_ctx->output_token.value, spnegoToken,spnegoTokenLength);
      neg_ctx->output_token.length = spnegoTokenLength;
      free(spnegoToken);
--- a/lib/splay.c
+++ b/lib/splay.c
@ -394,6 +394,10 @@ int main(int argc, argv_item_t argv[])
  for (i = 0; i < MAX; i++) {
    struct timeval key;
    ptrs[i] = t = malloc(sizeof(struct Curl_tree));
+    if(!t) {
+      puts("out of memory!");
+      return 0;
+    }

    key.tv_sec = 0;
 #ifdef TEST2
@ -405,10 +409,6 @@ int main(int argc, argv_item_t argv[])
 #endif

    t->payload = (void *)key.tv_usec; /* for simplicity */
-    if(!t) {
-      puts("out of memory!");
-      return 0;
-    }
    root = Curl_splayinsert(key, root, t);
  }