diff options
author | Yang Tse <yangsita@gmail.com> | 2013-03-24 04:47:57 +0100 |
---|---|---|
committer | Yang Tse <yangsita@gmail.com> | 2013-03-25 03:32:47 +0100 |
commit | acafe9c160e6c299d48d72ab93fdb7abfcbf3ed2 (patch) | |
tree | c3b87a727a0360917dc545b631cfab43b0aed623 | |
parent | 8ec2cb5544b86306b702484ea785b6b9596562ab (diff) |
NTLM: fix several NTLM code paths memory leaks
-rw-r--r-- | lib/curl_ntlm.c | 16 | ||||
-rw-r--r-- | lib/http.c | 5 | ||||
-rw-r--r-- | lib/url.c | 8 |
3 files changed, 16 insertions, 13 deletions
diff --git a/lib/curl_ntlm.c b/lib/curl_ntlm.c index 72e446c8f..4d126a573 100644 --- a/lib/curl_ntlm.c +++ b/lib/curl_ntlm.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -181,7 +181,6 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, /* Create a type-1 message */ error = Curl_ntlm_create_type1_message(userp, passwdp, ntlm, &base64, &len); - if(error) return error; @@ -190,8 +189,10 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", proxy ? "Proxy-" : "", base64); - DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd)); free(base64); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; + DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd)); } break; @@ -207,8 +208,10 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n", proxy ? "Proxy-" : "", base64); - DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd)); free(base64); + if(!*allocuserpwd) + return CURLE_OUT_OF_MEMORY; + DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd)); ntlm->state = NTLMSTATE_TYPE3; /* we send a type-3 */ authp->done = TRUE; @@ -218,10 +221,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, case NTLMSTATE_TYPE3: /* connection is already authenticated, * don't send a header in future requests */ - if(*allocuserpwd) { - free(*allocuserpwd); - *allocuserpwd = NULL; - } + Curl_safefree(*allocuserpwd); authp->done = TRUE; break; } diff --git a/lib/http.c b/lib/http.c index 0ba11133f..f4b7a48e7 100644 --- a/lib/http.c +++ b/lib/http.c @@ -1739,8 +1739,11 @@ CURLcode Curl_http(struct connectdata *conn, bool *done) conn->bits.authneg = FALSE; Curl_safefree(conn->allocptr.ref); - if(data->change.referer && !Curl_checkheaders(data, "Referer:")) + if(data->change.referer && !Curl_checkheaders(data, "Referer:")) { conn->allocptr.ref = aprintf("Referer: %s\r\n", data->change.referer); + if(!conn->allocptr.ref) + return CURLE_OUT_OF_MEMORY; + } else conn->allocptr.ref = NULL; @@ -2523,13 +2523,13 @@ CURLcode Curl_disconnect(struct connectdata *conn, bool dead_connection) data->state.authproxy.want; } - if(has_host_ntlm || has_proxy_ntlm) { + if(has_host_ntlm || has_proxy_ntlm) data->state.authproblem = FALSE; - - Curl_http_ntlm_cleanup(conn); - } } + /* Cleanup NTLM connection-related data */ + Curl_http_ntlm_cleanup(conn); + /* Cleanup possible redirect junk */ if(data->req.newurl) { free(data->req.newurl); |