From patchwork Sun Feb 18 03:36:37 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tobias Schramm <tobleminer@gmail.com>
X-Patchwork-Id: 874844
X-Patchwork-Delegate: blogic@openwrt.org
Return-Path: <openwrt-devel-bounces@lists.openwrt.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (helo) smtp.helo=arrakis.dune.hu
	(client-ip=78.24.191.176; helo=arrakis.dune.hu;
	envelope-from=openwrt-devel-bounces@lists.openwrt.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="brwA0vRL"; dkim-atps=neutral
Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3zkXdn2ZcSz9ryg
	for <incoming@patchwork.ozlabs.org>;
	Sun, 18 Feb 2018 14:38:05 +1100 (AEDT)
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id 06692B91365;
	Sun, 18 Feb 2018 04:37:18 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on arrakis.dune.hu
X-Spam-Level: 
X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.1
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP;
	Sun, 18 Feb 2018 04:37:18 +0100 (CET)
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id C6EF3B912A2
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 18 Feb 2018 04:37:08 +0100 (CET)
X-policyd-weight: using cached result; rate: -7
Received: from mail-lf0-f65.google.com (mail-lf0-f65.google.com
	[209.85.215.65]) by arrakis.dune.hu (Postfix) with ESMTPS
	for <openwrt-devel@lists.openwrt.org>;
	Sun, 18 Feb 2018 04:37:08 +0100 (CET)
Received: by mail-lf0-f65.google.com with SMTP id j193so8900756lfe.0
	for <openwrt-devel@lists.openwrt.org>;
	Sat, 17 Feb 2018 19:37:08 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=JymLS/CgGPXhyUj/fOaLg0eNYc/V3rofQEYtL/ujEUg=;
	b=brwA0vRL2ZBGzSVgjY5XPk05uhhN5oH+4VNcYZ+XtuWo+7rOORkpDS+WjgsBMfvL9U
	IJhSqbbHoyH9tW3ZjolUj9CWP9QzLe5kwPSh7GZrtF/Ryb+3rRfP9BkktTWl/oGf99Ce
	OoHXAZCDcDanzVOwQpQ2990NK5mWezccscDY4FQDjXBbWS+fwGOmZ9CZvN10zfXg3L2q
	ZgxvRwDoBO0uEYjsfCmFPDFbydBGsAWNUqc9kJa2g4WIjYc5yCUWfV0BhC8NxrJGYWZr
	8dg+2885AHbtk66Xge/QxunrwaNfV0nFb10UEgH2zIsxIm/H8KHUmW0+78+ccH8pBocU
	ev1Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=JymLS/CgGPXhyUj/fOaLg0eNYc/V3rofQEYtL/ujEUg=;
	b=DKaSOaKoOotnaGAVfeV/ecirD2LdDyFtQfdRqL9r7+uenKiLzLi+tUHXNUufTy5VBE
	rXtCXCq+Z4s/f9TYbLjmY0WT30ZP1xGEcV9hA+W9wfP7fby8IRLZci0VGGQDhQasOT0+
	l3FwPKZJEoyZc2xyXzl8lzUiv8QZUJWrsfwtXEKv+9GZQHSN1X1HnyNSkUy2eAUz4pdZ
	mY9U9Mh54xvqqnHJoM6dNEfleARaUfUZG+Tc4xVs4d9BG/NUXNCmbNL3zZL4kyqvCNfU
	zTJoTGcW7/fkkCrN/ty12/aX2sGgfV62rhrcv6584ZY7R40fFVWJUVi6/rpIZDsdl4p8
	BCHA==
X-Gm-Message-State: APf1xPBZiKA2sUusy3EAvP8mk/j0I1YFWGQglJNz4GOdSONO3t/eZBRb
	CCfgkIVbVCb1fkJB+yxIVeYBAA==
X-Google-Smtp-Source: 
 AH8x226JPurs0WCFzDhrKmSFRUqBwasyFTMDI3rzTQ/9xK36cEByg2mm8+4g6urGsQM+nSp2CXyumA==
X-Received: by 10.46.31.2 with SMTP id f2mr7292646ljf.48.1518925027945;
	Sat, 17 Feb 2018 19:37:07 -0800 (PST)
Received: from sunsetshimmer.lan ([2a02:8108:17c0:1500:f666:aee7:edff:2dfc])
	by smtp.gmail.com with ESMTPSA id
	b72sm400115ljf.87.2018.02.17.19.37.06
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sat, 17 Feb 2018 19:37:07 -0800 (PST)
From: Tobias Schramm <tobleminer@gmail.com>
To: openwrt-devel@lists.openwrt.org
Date: Sun, 18 Feb 2018 04:36:37 +0100
Message-Id: <20180218033640.17715-4-tobleminer@gmail.com>
X-Mailer: git-send-email 2.16.1
In-Reply-To: <20180218033640.17715-1-tobleminer@gmail.com>
References: <20180218033640.17715-1-tobleminer@gmail.com>
Subject: [OpenWrt-Devel] [PATCH 3/6] uclient-http: auth digest: Handle
	multiple possible memory allocation failures
X-BeenThere: openwrt-devel@lists.openwrt.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: OpenWrt Development List <openwrt-devel.lists.openwrt.org>
List-Unsubscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/options/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=unsubscribe>
List-Archive: <http://lists.openwrt.org/pipermail/openwrt-devel/>
List-Post: <mailto:openwrt-devel@lists.openwrt.org>
List-Help: <mailto:openwrt-devel-request@lists.openwrt.org?subject=help>
List-Subscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: openwrt-devel-bounces@lists.openwrt.org
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>

Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
---
 uclient-http.c | 41 ++++++++++++++++++++++++++++++++---------
 1 file changed, 32 insertions(+), 9 deletions(-)

diff --git a/uclient-http.c b/uclient-http.c
index 36e051b..2a3cf5d 100644
--- a/uclient-http.c
+++ b/uclient-http.c
@@ -433,9 +433,10 @@ static void add_field(char **buf, int *ofs, int *len, const char *name, const ch
 	*ofs = cur - *buf;
 }
 
-static void
+static int
 uclient_http_add_auth_digest(struct uclient_http *uh)
 {
+	int err = 0;
 	struct uclient_url *url = uh->uc.url;
 	const char *realm = NULL, *opaque = NULL;
 	const char *user, *password;
@@ -454,14 +455,21 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 	};
 
 	len = strlen(uh->auth_str) + 1;
-	if (len > 512)
-		return;
+	if (len > 512) {
+		err = -EINVAL;
+		goto fail;
+	}
 
 	buf = alloca(len);
+	if(!buf) {
+		err = -ENOMEM;
+		goto fail;
+	}
+
 	strcpy(buf, uh->auth_str);
 
 	/* skip auth type */
-	strsep(&buf, " ");
+	char *buf_orig = strsep(&buf, " ");
 
 	next = buf;
 	while (*next) {
@@ -495,8 +503,10 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 		*dest = digest_unquote_sep(&next);
 	}
 
-	if (!realm || !data.qop || !data.nonce)
-		return;
+	if (!realm || !data.qop || !data.nonce) {
+		err = -EINVAL;
+		goto fail_buf;
+	}
 
 	sprintf(nc_str, "%08x", uh->nc++);
 	get_cnonce(cnonce_str);
@@ -510,10 +520,17 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 		char *user_buf;
 
 		len = password - url->auth;
-		if (len > 256)
-			return;
+		if (len > 256) {
+			err = -EINVAL;
+			goto fail_buf;
+		}
 
 		user_buf = alloca(len + 1);
+		if(!user_buf) {
+			err = -ENOMEM;
+			goto fail_buf;
+		}
+
 		strncpy(user_buf, url->auth, len);
 		user_buf[len] = 0;
 		user = user_buf;
@@ -540,7 +557,13 @@ uclient_http_add_auth_digest(struct uclient_http *uh)
 		add_field(&buf, &ofs, &len, "opaque", opaque);
 
 	ustream_printf(uh->us, "Authorization: Digest nc=%s, qop=%s%s\r\n", data.nc, data.qop, buf);
-	free(buf);
+
+	return 0;
+
+fail_buf:
+	free(buf_orig);
+fail:
+	return err;
 }
 
 static void