From 5a3978657d3bad0798f7bc17cf06d4bc974a0c3c Mon Sep 17 00:00:00 2001 From: Sebastian Reimers Date: Sun, 19 Nov 2023 09:07:55 +0100 Subject: [PATCH 1/2] httpauth/digest: fix httpauth_digest_response_full err check Found by coverity --- src/httpauth/digest.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/httpauth/digest.c b/src/httpauth/digest.c index 5bd6c3a25..5a23514f0 100644 --- a/src/httpauth/digest.c +++ b/src/httpauth/digest.c @@ -961,6 +961,9 @@ int httpauth_digest_response_full(struct httpauth_digest_enc_resp **presp, goto out; } + if (err) + goto out; + err = digest_response(resp, chall, method, user, passwd, entitybody); out: From 24cf59e77dca7ce3bc6e589ecb257b5a35eae03d Mon Sep 17 00:00:00 2001 From: Sebastian Reimers Date: Sun, 19 Nov 2023 09:10:04 +0100 Subject: [PATCH 2/2] httpauth/digest: fix digest_response possible NULL deref found by coverity --- src/httpauth/digest.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/httpauth/digest.c b/src/httpauth/digest.c index 5a23514f0..2c3d04ccf 100644 --- a/src/httpauth/digest.c +++ b/src/httpauth/digest.c @@ -635,12 +635,13 @@ static int digest_response(struct httpauth_digest_enc_resp *resp, uint8_t *hash1 = NULL; uint8_t *hash2 = NULL; struct mbuf *mb = NULL; - size_t hashstringl = (resp->hash_length * 2) + 1; int err = 0, n = 0; if (!resp || !resp->hashh) return EINVAL; + size_t hashstringl = (resp->hash_length * 2) + 1; + mb = mbuf_alloc(str_len(user) + str_len(passwd) + chall->realm.l + 2); if (!mb) return ENOMEM;