diff options
| author | Marc Hoersken <info@marc-hoersken.de> | 2014-04-18 23:24:41 +0200 |
|---|---|---|
| committer | Marc Hoersken <info@marc-hoersken.de> | 2014-04-18 23:24:41 +0200 |
| commit | e81bdab13eda838b864148f307acc549444fb57d (patch) | |
| tree | 9a03012e35c305634689adb2161dcf21d5c3d310 /lib/socks_sspi.c | |
| parent | 54df616729e8edd514b44bc71fd05314001c468e (diff) | |
socks_sspi.c: added pointer guards to FreeContextBuffer calls
The FreeContextBuffer SAL declaration does not declare the pointer
as optional, therefore it must not be NULL.
Diffstat (limited to 'lib/socks_sspi.c')
| -rw-r--r-- | lib/socks_sspi.c | 53 |
1 files changed, 36 insertions, 17 deletions
diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 0313de333..4cf618877 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -194,7 +194,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, Curl_safefree(service_name); s_pSecFn->FreeCredentialsHandle(&cred_handle); s_pSecFn->DeleteSecurityContext(&sspi_context); - s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); + if(sspi_recv_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); failf(data, "Failed to initialise security context."); return CURLE_COULDNT_CONNECT; } @@ -209,8 +210,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, if((code != CURLE_OK) || (4 != written)) { failf(data, "Failed to send SSPI authentication request."); Curl_safefree(service_name); - s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); - s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); + if(sspi_send_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + if(sspi_recv_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); s_pSecFn->FreeCredentialsHandle(&cred_handle); s_pSecFn->DeleteSecurityContext(&sspi_context); return CURLE_COULDNT_CONNECT; @@ -221,8 +224,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, if((code != CURLE_OK) || (sspi_send_token.cbBuffer != (size_t)written)) { failf(data, "Failed to send SSPI authentication token."); Curl_safefree(service_name); - s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); - s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); + if(sspi_send_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + if(sspi_recv_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); s_pSecFn->FreeCredentialsHandle(&cred_handle); s_pSecFn->DeleteSecurityContext(&sspi_context); return CURLE_COULDNT_CONNECT; @@ -230,12 +235,18 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, } - s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); - sspi_send_token.pvBuffer = NULL; + if(sspi_send_token.pvBuffer) { + s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + sspi_send_token.pvBuffer = NULL; + } sspi_send_token.cbBuffer = 0; - s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); - sspi_recv_token.pvBuffer = NULL; + + if(sspi_recv_token.pvBuffer) { + s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); + sspi_recv_token.pvBuffer = NULL; + } sspi_recv_token.cbBuffer = 0; + if(status != SEC_I_CONTINUE_NEEDED) break; @@ -295,7 +306,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, if(result != CURLE_OK || actualread != us_length) { failf(data, "Failed to receive SSPI authentication token."); Curl_safefree(service_name); - s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); + if(sspi_recv_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer); s_pSecFn->FreeCredentialsHandle(&cred_handle); s_pSecFn->DeleteSecurityContext(&sspi_context); return CURLE_COULDNT_CONNECT; @@ -459,7 +471,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, code = Curl_write_plain(conn, sock, (char *)socksreq, 4, &written); if((code != CURLE_OK) || (4 != written)) { failf(data, "Failed to send SSPI encryption request."); - s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + if(sspi_send_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); s_pSecFn->DeleteSecurityContext(&sspi_context); return CURLE_COULDNT_CONNECT; } @@ -478,11 +491,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, sspi_send_token.cbBuffer, &written); if((code != CURLE_OK) || (sspi_send_token.cbBuffer != (size_t)written)) { failf(data, "Failed to send SSPI encryption type."); - s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + if(sspi_send_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); s_pSecFn->DeleteSecurityContext(&sspi_context); return CURLE_COULDNT_CONNECT; } - s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); + if(sspi_send_token.pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer); } result = Curl_blockread_all(conn, sock, (char *)socksreq, 4, &actualread); @@ -541,8 +556,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, &qop); if(check_sspi_err(conn, status, "DecryptMessage")) { - s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); - s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); + if(sspi_w_token[0].pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); + if(sspi_w_token[1].pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); s_pSecFn->DeleteSecurityContext(&sspi_context); failf(data, "Failed to query security context attributes."); return CURLE_COULDNT_CONNECT; @@ -551,8 +568,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, if(sspi_w_token[1].cbBuffer != 1) { failf(data, "Invalid SSPI encryption response length (%lu).", (unsigned long)sspi_w_token[1].cbBuffer); - s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); - s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); + if(sspi_w_token[0].pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer); + if(sspi_w_token[1].pvBuffer) + s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer); s_pSecFn->DeleteSecurityContext(&sspi_context); return CURLE_COULDNT_CONNECT; } |