aboutsummaryrefslogtreecommitdiff
path: root/lib/http2.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/http2.c')
-rw-r--r--lib/http2.c19
1 files changed, 16 insertions, 3 deletions
diff --git a/lib/http2.c b/lib/http2.c
index 0001fae5d..1a2c48649 100644
--- a/lib/http2.c
+++ b/lib/http2.c
@@ -1274,6 +1274,8 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
}
/* Extract :method, :path from request line */
end = strchr(hdbuf, ' ');
+ if(!end)
+ goto fail;
nva[0].name = (unsigned char *)":method";
nva[0].namelen = (uint16_t)strlen((char *)nva[0].name);
nva[0].value = (unsigned char *)hdbuf;
@@ -1283,6 +1285,8 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
hdbuf = end + 1;
end = strchr(hdbuf, ' ');
+ if(!end)
+ goto fail;
nva[1].name = (unsigned char *)":path";
nva[1].namelen = (uint16_t)strlen((char *)nva[1].name);
nva[1].value = (unsigned char *)hdbuf;
@@ -1299,13 +1303,16 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
nva[2].flags = NGHTTP2_NV_FLAG_NONE;
hdbuf = strchr(hdbuf, 0x0a);
+ if(!hdbuf)
+ goto fail;
++hdbuf;
authority_idx = 0;
for(i = 3; i < nheader; ++i) {
end = strchr(hdbuf, ':');
- assert(end);
+ if(!end)
+ goto fail;
if(end - hdbuf == 4 && Curl_raw_nequal("host", hdbuf, 4)) {
authority_idx = i;
nva[i].name = (unsigned char *)":authority";
@@ -1318,7 +1325,8 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
hdbuf = end + 1;
for(; *hdbuf == ' '; ++hdbuf);
end = strchr(hdbuf, 0x0d);
- assert(end);
+ if(!end)
+ goto fail;
nva[i].value = (unsigned char *)hdbuf;
nva[i].valuelen = (uint16_t)(end - hdbuf);
nva[i].flags = NGHTTP2_NV_FLAG_NONE;
@@ -1365,7 +1373,7 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
NULL, NULL);
}
- free(nva);
+ Curl_safefree(nva);
if(stream_id < 0) {
DEBUGF(infof(conn->data, "http2_send() send error\n"));
@@ -1405,6 +1413,11 @@ static ssize_t http2_send(struct connectdata *conn, int sockindex,
}
return len;
+
+ fail:
+ free(nva);
+ *err = CURLE_SEND_ERROR;
+ return -1;
}
CURLcode Curl_http2_setup(struct connectdata *conn)