[OpenWrt-Devel] [PATCH v2 2/7] uclient-http: basic auth: Handle memory allocation failure

Tobias Schramm tobleminer at gmail.com
Sun Feb 18 07:46:05 EST 2018


Allocation of the base64 buffer might fail, resulting in a null
ptr being passed to base64_encode as a target buffer

Signed-off-by: Tobias Schramm <tobleminer at gmail.com>
---
 uclient-http.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/uclient-http.c b/uclient-http.c
index ef8de98..36e2b38 100644
--- a/uclient-http.c
+++ b/uclient-http.c
@@ -299,7 +299,7 @@ static bool uclient_request_supports_body(enum request_type req_type)
 	}
 }
 
-static void
+static int
 uclient_http_add_auth_basic(struct uclient_http *uh)
 {
 	struct uclient_url *url = uh->uc.url;
@@ -307,11 +307,16 @@ uclient_http_add_auth_basic(struct uclient_http *uh)
 	char *auth_buf;
 
 	if (auth_len > 512)
-		return;
+		return -EINVAL;
 
 	auth_buf = alloca(base64_len(auth_len) + 1);
+	if (!auth_buf)
+		return -ENOMEM;
+
 	base64_encode(url->auth, auth_len, auth_buf);
 	ustream_printf(uh->us, "Authorization: Basic %s\r\n", auth_buf);
+
+	return 0;
 }
 
 static char *digest_unquote_sep(char **str)
-- 
2.16.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list