From 2ece5e3001d255a4cafd8ea7a3007ee0566e474c Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sun, 7 Oct 2018 23:34:35 +0200 Subject: [PATCH] curl_ntlm_wb: check aprintf() return codes ... when they return NULL we're out of memory and MUST return failure. closes #3111 --- lib/curl_ntlm_wb.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c index 949c7fa17..a4791eb41 100644 --- a/lib/curl_ntlm_wb.c +++ b/lib/curl_ntlm_wb.c @@ -324,6 +324,8 @@ static CURLcode ntlm_wb_response(struct connectdata *conn, conn->response_header = aprintf("NTLM %.*s", len_out - 4, buf + 3); free(buf); + if(!conn->response_header) + return CURLE_OUT_OF_MEMORY; return CURLE_OK; done: free(buf); @@ -399,6 +401,8 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn, conn->response_header); DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd)); free(conn->response_header); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; conn->response_header = NULL; break; case NTLMSTATE_TYPE2: @@ -419,6 +423,8 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn, ntlm->state = NTLMSTATE_TYPE3; /* we sent a type-3 */ authp->done = TRUE; Curl_ntlm_wb_cleanup(conn); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; break; case NTLMSTATE_TYPE3: /* connection is already authenticated, -- 2.40.0