From 0186023f4adebc5ff1bfc4ac4a3f3870d7dd68af Mon Sep 17 00:00:00 2001 From: wolfbeast Date: Thu, 9 Jan 2020 22:35:03 +0100 Subject: Handle missing base64 challenge in NegotiateAuth and NTLMAuth. --- extensions/auth/nsHttpNegotiateAuth.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'extensions/auth') diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp index adea54b85..8b6be915e 100644 --- a/extensions/auth/nsHttpNegotiateAuth.cpp +++ b/extensions/auth/nsHttpNegotiateAuth.cpp @@ -530,8 +530,11 @@ nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChanne challenge++; len = strlen(challenge); + if (!len) + return NS_ERROR_UNEXPECTED; + // strip off any padding (see bug 230351) - while (challenge[len - 1] == '=') + while (len && challenge[len - 1] == '=') len--; // -- cgit v1.2.3