From: Gokhan Sengun Date: Wed, 2 May 2012 20:34:45 +0000 (+0300) Subject: MD5: OOM fix X-Git-Tag: curl-7_26_0~21 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=d6773834f2c8e4453cfa0b38a6dd780f53575e95;p=curl MD5: OOM fix check whether md5 initialization succeeded before updating digest of buffers onto it --- diff --git a/lib/smtp.c b/lib/smtp.c index edc5eea71..42cff6e41 100644 --- a/lib/smtp.c +++ b/lib/smtp.c @@ -933,6 +933,9 @@ static CURLcode smtp_state_authdigest_resp(struct connectdata *conn, /* So far so good, now calculate A1 and H(A1) according to RFC 2831 */ ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + Curl_MD5_update(ctxt, (const unsigned char *) conn->user, curlx_uztoui(strlen(conn->user))); Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); @@ -944,6 +947,9 @@ static CURLcode smtp_state_authdigest_resp(struct connectdata *conn, Curl_MD5_final(ctxt, digest); ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + Curl_MD5_update(ctxt, (const unsigned char *) digest, MD5_DIGEST_LEN); Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); Curl_MD5_update(ctxt, (const unsigned char *) nonce, @@ -962,6 +968,9 @@ static CURLcode smtp_state_authdigest_resp(struct connectdata *conn, /* Calculate H(A2) */ ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + Curl_MD5_update(ctxt, (const unsigned char *) method, curlx_uztoui(strlen(method))); Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); @@ -974,6 +983,9 @@ static CURLcode smtp_state_authdigest_resp(struct connectdata *conn, /* Now calculate the response hash */ ctxt = Curl_MD5_init(Curl_DIGEST_MD5); + if(!ctxt) + return CURLE_OUT_OF_MEMORY; + Curl_MD5_update(ctxt, (const unsigned char *) HA1_hex, 2 * MD5_DIGEST_LEN); Curl_MD5_update(ctxt, (const unsigned char *) ":", 1); Curl_MD5_update(ctxt, (const unsigned char *) nonce,