Catch malloc return failures. This should help avoid dereferencing NULL on

low-memory situations. Submitted by: kris
author: nsayer <nsayer@FreeBSD.org> 2001-05-16 18:17:55 +0000
committer: nsayer <nsayer@FreeBSD.org> 2001-05-16 18:17:55 +0000
commit: ce94eedfd7bd26a15c6f1b0f9484bbade3510f74 (patch)
tree: f5bc449b25f2468dfa852fa37e5746041141f5fd /crypto
parent: dafd513732df8c8fa7b8c5069ae3af2203853494 (diff)
download: FreeBSD-src-ce94eedfd7bd26a15c6f1b0f9484bbade3510f74.zip
FreeBSD-src-ce94eedfd7bd26a15c6f1b0f9484bbade3510f74.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/crypto/telnet/libtelnet/sra.c b/crypto/telnet/libtelnet/sra.c
index 395f217..0d49453 100644
--- a/crypto/telnet/libtelnet/sra.c
+++ b/crypto/telnet/libtelnet/sra.c
@@ -93,6 +93,11 @@ int server;
 	xuser = (char *)malloc(512);
 	pass = (char *)malloc(256);
 	xpass = (char *)malloc(512);
+
+	if (user == NULL || xuser == NULL || pass == NULL || xpass ==
+	NULL)
+		return 0; /* malloc failed */
+
 	passwd_sent = 0;
 	
 	genkeys(pka,ska);
@@ -534,6 +539,9 @@ auth_conv(int num_msg, const struct pam_message **msg,
 	struct pam_response *reply =
 		malloc(sizeof(struct pam_response) * num_msg);
 
+	if (reply == NULL)
+		return PAM_BUF_ERR;
+
 	for (i = 0; i < num_msg; i++) {
 		switch (msg[i]->msg_style) {
 		case PAM_PROMPT_ECHO_ON:        /* assume want user name */
author	nsayer <nsayer@FreeBSD.org>	2001-05-16 18:17:55 +0000
committer	nsayer <nsayer@FreeBSD.org>	2001-05-16 18:17:55 +0000
commit	ce94eedfd7bd26a15c6f1b0f9484bbade3510f74 (patch)
tree	f5bc449b25f2468dfa852fa37e5746041141f5fd /crypto
parent	dafd513732df8c8fa7b8c5069ae3af2203853494 (diff)
download	FreeBSD-src-ce94eedfd7bd26a15c6f1b0f9484bbade3510f74.zip FreeBSD-src-ce94eedfd7bd26a15c6f1b0f9484bbade3510f74.tar.gz