Re: [PATCH] Missing malloc() return-value check in lib/http_negotiate.c
Date: Sat, 12 Apr 2008 18:01:46 -0400
On Apr 12, 2008, at 7:52 AM, Daniel Stenberg wrote:
> On Fri, 11 Apr 2008, Andre Guibert de Bruet wrote:
>> I have attached a patch which adds a missing NULL check in
>> http_negotiate.c in the HAVE_SPNEGO case. It also changes the
>> return value of Curl_input_negotiate() to CURLE_OUT_OF_MEMORY
>> instead of ENOMEM.
> Thanks! I committed it with some minor edits and an added comment.
> The function just returns 0 for sucess or non-zero for failure so
> using CURLE* codes don't make any difference. The function is in
> fact riddled with return codes that aren't CURLcode at all...
> Certainly rooom for improvement there!
I found another instance where the return value of malloc() was not
being checked before use. The diff is attached.
/* Andre Guibert de Bruet * 436f 6465 2070 6f65 742e 2042 6974 206a */
/* Code poet / Consultant * 6f63 6b65 792e 2053 7973 4164 6d69 6e2e */
/* GSM: +1 734 846 8758 * 2055 4e49 5820 736c 6575 7468 2e00 0000 */
/* WWW: siliconlandmark.com * C/C++, Java, Perl, PHP, SQL, XHTML, XML */
- application/octet-stream attachment: http_negotiate.c.diff