From 5fe164a258b2a8524de1bfa58e8faa082770bcdd Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 23 Dec 2016 00:06:25 +0100 Subject: ftp-gss: check for init before use To avoid dereferencing a NULL pointer. Reported-by: Daniel Romero --- lib/security.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lib/security.c') diff --git a/lib/security.c b/lib/security.c index 4a8f44433..f4a876341 100644 --- a/lib/security.c +++ b/lib/security.c @@ -367,6 +367,10 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, size_t decoded_sz = 0; CURLcode error; + if(!conn->mech) + /* not inititalized, return error */ + return -1; + DEBUGASSERT(level > PROT_NONE && level < PROT_LAST); error = Curl_base64_decode(buffer + 4, (unsigned char **)&buf, &decoded_sz); -- cgit v1.2.3