Fixes some more out of memory handling bugs.

2025-02-17 14:59:45 +08:00 · 2007-04-04 23:41:35 +00:00 · 2007-04-04 23:41:35 +00:00 · c321b9f704
commit c321b9f704
parent 7e74349b86
4 changed files with 9 additions and 1 deletions
--- a/lib/base64.c
+++ b/lib/base64.c
@ -173,11 +173,13 @@ size_t Curl_base64_encode(struct SessionHandle *data,
  if(data) {
    convbuf = (char*)malloc(insize);
    if(!convbuf) {
+      free(output);
      return 0;
    }
    memcpy(convbuf, indata, insize);
    if(CURLE_OK != Curl_convert_to_network(data, convbuf, insize)) {
      free(convbuf);
+      free(output);
      return 0;
    }
    indata = convbuf; /* switch to the converted buffer */
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@ -295,7 +295,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn)
                           neg_ctx->output_token.length,
                           &encoded);

-  if (len < 0)
+  if (len == 0)
    return CURLE_OUT_OF_MEMORY;

  conn->allocptr.userpwd =
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@ -421,6 +421,10 @@ static void mk_nt_hash(struct SessionHandle *data,
 {
  size_t len = strlen(password);
  unsigned char *pw = malloc(len*2);
+  if (!pw)
+    /* No way to report this error; just rely on future malloc failures
+       to be caught */
+    return;

  utf8_to_unicode_le(pw, password, len);

--- a/lib/url.c
+++ b/lib/url.c
@ -2856,6 +2856,8 @@ static CURLcode CreateConnection(struct SessionHandle *data,
  /* Initialize the pipeline lists */
  conn->send_pipe = Curl_llist_alloc((curl_llist_dtor) llist_dtor);
  conn->recv_pipe = Curl_llist_alloc((curl_llist_dtor) llist_dtor);
+  if (!conn->send_pipe || !conn->recv_pipe)
+    return CURLE_OUT_OF_MEMORY;

  /* Store creation time to help future close decision making */
  conn->created = Curl_tvnow();