From 2e04c57929aaae8b36b57e873b680b32304b29c4 Mon Sep 17 00:00:00 2001
From: John Mark Bell <jmb@netsurf-browser.org>
Date: Fri, 25 Feb 2011 00:41:16 +0000
Subject: Fix WWW-Authenticate parsing to leave f->realm alone if there is no
 realm specified in the header

svn path=/trunk/netsurf/; revision=11793
---
 content/fetchers/curl.c | 28 +++++++++++++---------------
 1 file changed, 13 insertions(+), 15 deletions(-)

(limited to 'content')

diff --git a/content/fetchers/curl.c b/content/fetchers/curl.c
index 2d5f29a10..f272777b4 100644
--- a/content/fetchers/curl.c
+++ b/content/fetchers/curl.c
@@ -1048,12 +1048,6 @@ size_t fetch_curl_header(char *data, size_t size, size_t nmemb,
 			f->content_length = atol(data + i);
 	} else if (17 < size && strncasecmp(data, "WWW-Authenticate:", 17) == 0) {
 		/* extract the first Realm from WWW-Authenticate header */
-		free(f->realm);
-		f->realm = malloc(size);
-		if (!f->realm) {
-			LOG(("malloc failed"));
-			return size;
-		}
 		SKIP_ST(17);
 
 		while (i < (int) size - 5 &&
@@ -1064,15 +1058,19 @@ size_t fetch_curl_header(char *data, size_t size, size_t nmemb,
 		i++;
 
 		if (i < (int) size) {
-			strncpy(f->realm, data + i, size - i);
-			f->realm[size - i] = '\0';
-			for (i = size - i - 1; i >= 0 &&
-					(f->realm[i] == ' ' ||
-					f->realm[i] == '"' ||
-					f->realm[i] == '\t' ||
-					f->realm[i] == '\r' ||
-					f->realm[i] == '\n'); --i)
-				f->realm[i] = '\0';
+			free(f->realm);
+			f->realm = malloc(size - i + 1);
+			if (f->realm != NULL) {
+				strncpy(f->realm, data + i, size - i);
+				f->realm[size - i] = '\0';
+				for (i = size - i - 1; i >= 0 &&
+						(f->realm[i] == ' ' ||
+						f->realm[i] == '"' ||
+						f->realm[i] == '\t' ||
+						f->realm[i] == '\r' ||
+						f->realm[i] == '\n'); --i)
+					f->realm[i] = '\0';
+			}
 		}
 	} else if (11 < size && strncasecmp(data, "Set-Cookie:", 11) == 0) {
 		/* extract Set-Cookie header */
-- 
cgit v1.2.3