From f41ff608831b843719835f3657182a8c00aabbae Mon Sep 17 00:00:00 2001 From: Tobias Schramm Date: Sun, 18 Feb 2018 13:46:05 +0100 Subject: [PATCH] uclient-http: basic auth: Handle memory allocation failure Allocation of the base64 buffer might fail, resulting in a null ptr being passed to base64_encode as a target buffer Signed-off-by: Tobias Schramm --- uclient-http.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/uclient-http.c b/uclient-http.c index ef8de98..36e2b38 100644 --- a/uclient-http.c +++ b/uclient-http.c @@ -299,7 +299,7 @@ static bool uclient_request_supports_body(enum request_type req_type) } } -static void +static int uclient_http_add_auth_basic(struct uclient_http *uh) { struct uclient_url *url = uh->uc.url; @@ -307,11 +307,16 @@ uclient_http_add_auth_basic(struct uclient_http *uh) char *auth_buf; if (auth_len > 512) - return; + return -EINVAL; auth_buf = alloca(base64_len(auth_len) + 1); + if (!auth_buf) + return -ENOMEM; + base64_encode(url->auth, auth_len, auth_buf); ustream_printf(uh->us, "Authorization: Basic %s\r\n", auth_buf); + + return 0; } static char *digest_unquote_sep(char **str) -- 2.25.1