- Andre Guibert de Bruet fixed a second case of not checking the malloc()

  return code in the Negotiate code.

diff --git a/CHANGES b/CHANGES
index bc0f8152835dd054350d331ef1b399364dae1f87..cc00b88dcbf172afc905b76a94c7977b44e7c3ae 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -8,6 +8,9 @@
 
 
 Daniel Stenberg (14 Apr 2008)
+- Andre Guibert de Bruet fixed a second case of not checking the malloc()
+  return code in the Negotiate code.
+
 - Sandor Feldi reported bug #1942022
   (http://curl.haxx.se/bug/view.cgi?id=1942022) pointing out a mistake in the
   lib/Makefile.vc[68] makefiles' release-ssl-dll target.

diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index ac8ad5802735dd88a363974f22331a3261f716fa..e7f934824026338091ef5e73e7f94bbc64270320 100644 (file)
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -211,8 +211,10 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
         }
         else {
           free(input_token.value);
-          input_token.value = NULL;
           input_token.value = malloc(mechTokenLength);
+          if (input_token.value == NULL)
+            return CURLE_OUT_OF_MEMORY;
+
           memcpy(input_token.value, mechToken,mechTokenLength);
           input_token.length = mechTokenLength;
           free(mechToken);