diff options
author | Steve Holme <steve_holme@hotmail.com> | 2016-04-03 17:55:17 +0100 |
---|---|---|
committer | Steve Holme <steve_holme@hotmail.com> | 2016-04-03 17:55:17 +0100 |
commit | e655ae0c80aa3ddbacc20cac349336e4696d7d74 (patch) | |
tree | aedb212a557b283e06c65adb069d13cd696f13d3 /lib | |
parent | 7a7cdf264dbf40210c728d1fb3293968826a0d38 (diff) |
curl_sasl: Fixed potential null pointer utilisation
Although this should never happen due to the relationship between the
'mech' and 'resp' variables, and the way they are allocated together,
it does cause problems for code analysis tools:
V595 The 'mech' pointer was utilized before it was verified against
nullptr. Check lines: 376, 381. curl_sasl.c 376
Bug: https://github.com/curl/curl/issues/745
Reported-by: Alexis La Goutte
Diffstat (limited to 'lib')
-rw-r--r-- | lib/curl_sasl.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index a4568d6d3..13cf4e954 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -373,19 +373,17 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, } } - if(!result) { + if(!result && mech) { if(resp && sasl->params->maxirlen && strlen(mech) + len > sasl->params->maxirlen) { free(resp); resp = NULL; } - if(mech) { - result = sasl->params->sendauth(conn, mech, resp); - if(!result) { - *progress = SASL_INPROGRESS; - state(sasl, conn, resp? state2: state1); - } + result = sasl->params->sendauth(conn, mech, resp); + if(!result) { + *progress = SASL_INPROGRESS; + state(sasl, conn, resp ? state2 : state1); } } |