From cfc907e43d5f25a50a9fae95a37a4c0e959d591a Mon Sep 17 00:00:00 2001 From: Yang Tse Date: Sun, 14 Jul 2013 12:19:57 +0200 Subject: [PATCH] url.c: fix parse_url_login() OOM handling --- lib/url.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/lib/url.c b/lib/url.c index 6addc2677..32d7a9ae0 100644 --- a/lib/url.c +++ b/lib/url.c @@ -4440,8 +4440,12 @@ static CURLcode parse_url_login(struct SessionHandle *data, /* Decode the user */ newname = curl_easy_unescape(data, userp, 0, NULL); - if(!newname) + if(!newname) { + Curl_safefree(userp); + Curl_safefree(passwdp); + Curl_safefree(optionsp); return CURLE_OUT_OF_MEMORY; + } if(strlen(newname) < MAX_CURL_USER_LENGTH) strcpy(user, newname); @@ -4452,8 +4456,12 @@ static CURLcode parse_url_login(struct SessionHandle *data, if(passwdp) { /* We have a password in the URL so decode it */ char *newpasswd = curl_easy_unescape(data, passwdp, 0, NULL); - if(!newpasswd) + if(!newpasswd) { + Curl_safefree(userp); + Curl_safefree(passwdp); + Curl_safefree(optionsp); return CURLE_OUT_OF_MEMORY; + } if(strlen(newpasswd) < MAX_CURL_PASSWORD_LENGTH) strcpy(passwd, newpasswd); @@ -4464,8 +4472,12 @@ static CURLcode parse_url_login(struct SessionHandle *data, if(optionsp) { /* We have an options list in the URL so decode it */ char *newoptions = curl_easy_unescape(data, optionsp, 0, NULL); - if(!newoptions) + if(!newoptions) { + Curl_safefree(userp); + Curl_safefree(passwdp); + Curl_safefree(optionsp); return CURLE_OUT_OF_MEMORY; + } if(strlen(newoptions) < MAX_CURL_OPTIONS_LENGTH) strcpy(options, newoptions);