From d46d995766a849dbbcfa2f362ccdbca24401a006 Mon Sep 17 00:00:00 2001 From: Dan Fandrich Date: Tue, 10 Apr 2007 22:52:50 +0000 Subject: [PATCH] Fixed some out of memory handling issues. --- lib/http.c | 88 +++++++++++++++++++++++++++---------------------- lib/http_ntlm.c | 17 +++++----- 2 files changed, 58 insertions(+), 47 deletions(-) diff --git a/lib/http.c b/lib/http.c index c412df5bb..9c7a2bd11 100644 --- a/lib/http.c +++ b/lib/http.c @@ -332,6 +332,8 @@ CURLcode Curl_http_auth_act(struct connectdata *conn) if(pickhost || pickproxy) { data->reqdata.newurl = strdup(data->change.url); /* clone URL */ + if (!data->reqdata.newurl) + return CURLE_OUT_OF_MEMORY; if((data->set.httpreq != HTTPREQ_GET) && (data->set.httpreq != HTTPREQ_HEAD) && @@ -352,6 +354,8 @@ CURLcode Curl_http_auth_act(struct connectdata *conn) if((data->set.httpreq != HTTPREQ_GET) && (data->set.httpreq != HTTPREQ_HEAD)) { data->reqdata.newurl = strdup(data->change.url); /* clone URL */ + if (!data->reqdata.newurl) + return CURLE_OUT_OF_MEMORY; data->state.authhost.done = TRUE; } } @@ -992,8 +996,7 @@ CURLcode add_bufferf(send_buffer *in, const char *fmt, ...) if(s) { CURLcode result = add_buffer(in, s, strlen(s)); free(s); - if(CURLE_OK == result) - return CURLE_OK; + return result; } /* If we failed, we cleanup the whole buffer and return error */ if(in->buffer) @@ -1021,8 +1024,12 @@ CURLcode add_buffer(send_buffer *in, const void *inptr, size_t size) /* create a new buffer */ new_rb = (char *)malloc(new_size); - if(!new_rb) + if(!new_rb) { + /* If we failed, we cleanup the whole buffer and return error */ + Curl_safefree(in->buffer); + free(in); return CURLE_OUT_OF_MEMORY; + } in->buffer = new_rb; in->size_max = new_size; @@ -1179,40 +1186,38 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, if(!checkheaders(data, "User-Agent:") && data->set.useragent) useragent = conn->allocptr.uagent; - if(CURLE_OK == result) { - /* Send the connect request to the proxy */ - /* BLOCKING */ - result = - add_bufferf(req_buffer, - "CONNECT %s:%d HTTP/1.0\r\n" - "%s" /* Host: */ - "%s" /* Proxy-Authorization */ - "%s" /* User-Agent */ - "%s", /* Proxy-Connection */ - hostname, remote_port, - host, - conn->allocptr.proxyuserpwd? - conn->allocptr.proxyuserpwd:"", - useragent, - proxyconn); + /* Send the connect request to the proxy */ + /* BLOCKING */ + result = + add_bufferf(req_buffer, + "CONNECT %s:%d HTTP/1.0\r\n" + "%s" /* Host: */ + "%s" /* Proxy-Authorization */ + "%s" /* User-Agent */ + "%s", /* Proxy-Connection */ + hostname, remote_port, + host, + conn->allocptr.proxyuserpwd? + conn->allocptr.proxyuserpwd:"", + useragent, + proxyconn); - if(CURLE_OK == result) - result = add_custom_headers(conn, req_buffer); + if(host && *host) + free(host); - if(host && *host) - free(host); + if(CURLE_OK == result) + result = add_custom_headers(conn, req_buffer); - if(CURLE_OK == result) - /* CRLF terminate the request */ - result = add_bufferf(req_buffer, "\r\n"); + if(CURLE_OK == result) + /* CRLF terminate the request */ + result = add_bufferf(req_buffer, "\r\n"); - if(CURLE_OK == result) { - /* Now send off the request */ - result = add_buffer_send(req_buffer, conn, - &data->info.request_size, 0, sockindex); - req_buffer = NULL; - } - } + if(CURLE_OK == result) { + /* Now send off the request */ + result = add_buffer_send(req_buffer, conn, + &data->info.request_size, 0, sockindex); + } + req_buffer = NULL; if(result) failf(data, "Failed sending CONNECT to proxy"); } @@ -1666,7 +1671,6 @@ static CURLcode expect100(struct SessionHandle *data, static CURLcode add_custom_headers(struct connectdata *conn, send_buffer *req_buffer) { - CURLcode result = CURLE_OK; char *ptr; struct curl_slist *headers=conn->data->set.headers; @@ -1693,7 +1697,7 @@ static CURLcode add_custom_headers(struct connectdata *conn, strlen("Content-Type:"))) ; else { - result = add_bufferf(req_buffer, "%s\r\n", headers->data); + CURLcode result = add_bufferf(req_buffer, "%s\r\n", headers->data); if(result) return result; } @@ -1701,7 +1705,7 @@ static CURLcode add_custom_headers(struct connectdata *conn, } headers = headers->next; } - return result; + return CURLE_OK; } /* @@ -2445,11 +2449,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) /* set the upload size to the progress meter */ Curl_pgrsSetUploadSize(data, http->postsize); - add_buffer(req_buffer, "\r\n", 2); /* end of headers! */ + result = add_buffer(req_buffer, "\r\n", 2); /* end of headers! */ + if(result) + return result; } } else { - add_buffer(req_buffer, "\r\n", 2); /* end of headers! */ + result = add_buffer(req_buffer, "\r\n", 2); /* end of headers! */ + if(result) + return result; if(data->set.postfieldsize) { /* set the upload size to the progress meter */ @@ -2475,7 +2483,9 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) break; default: - add_buffer(req_buffer, "\r\n", 2); + result = add_buffer(req_buffer, "\r\n", 2); + if(result) + return result; /* issue the request */ result = add_buffer_send(req_buffer, conn, diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c index 8c9795b7e..573f7ad83 100644 --- a/lib/http_ntlm.c +++ b/lib/http_ntlm.c @@ -415,16 +415,14 @@ static void utf8_to_unicode_le(unsigned char *dest, const char *src, /* * Set up nt hashed passwords */ -static void mk_nt_hash(struct SessionHandle *data, - char *password, - unsigned char *ntbuffer /* 21 bytes */) +static CURLcode mk_nt_hash(struct SessionHandle *data, + char *password, + unsigned char *ntbuffer /* 21 bytes */) { size_t len = strlen(password); unsigned char *pw = malloc(len*2); if (!pw) - /* No way to report this error; just rely on future malloc failures - to be caught */ - return; + return CURLE_OUT_OF_MEMORY; utf8_to_unicode_le(pw, password, len); @@ -451,6 +449,7 @@ static void mk_nt_hash(struct SessionHandle *data, } free(pw); + return CURLE_OK; } #endif @@ -875,7 +874,8 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, MD5_Final(md5sum, &MD5); /* We shall only use the first 8 bytes of md5sum, but the des code in lm_resp only encrypt the first 8 bytes */ - mk_nt_hash(conn->data, passwdp, ntbuffer); + if (mk_nt_hash(conn->data, passwdp, ntbuffer) == CURLE_OUT_OF_MEMORY) + return CURLE_OUT_OF_MEMORY; lm_resp(ntbuffer, md5sum, ntresp); /* End of NTLM2 Session code */ @@ -889,7 +889,8 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, unsigned char lmbuffer[0x18]; #if USE_NTRESPONSES - mk_nt_hash(conn->data, passwdp, ntbuffer); + if (mk_nt_hash(conn->data, passwdp, ntbuffer) == CURLE_OUT_OF_MEMORY) + return CURLE_OUT_OF_MEMORY; lm_resp(ntbuffer, &ntlm->nonce[0], ntresp); #endif