From 0186023f4adebc5ff1bfc4ac4a3f3870d7dd68af Mon Sep 17 00:00:00 2001
From: wolfbeast <mcwerewolf@wolfbeast.com>
Date: Thu, 9 Jan 2020 22:35:03 +0100
Subject: Handle missing base64 challenge in NegotiateAuth and NTLMAuth.

---
 extensions/auth/nsHttpNegotiateAuth.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'extensions')

diff --git a/extensions/auth/nsHttpNegotiateAuth.cpp b/extensions/auth/nsHttpNegotiateAuth.cpp
index adea54b85..8b6be915e 100644
--- a/extensions/auth/nsHttpNegotiateAuth.cpp
+++ b/extensions/auth/nsHttpNegotiateAuth.cpp
@@ -530,8 +530,11 @@ nsHttpNegotiateAuth::GenerateCredentials(nsIHttpAuthenticableChannel *authChanne
             challenge++;
         len = strlen(challenge);
 
+        if (!len)
+            return NS_ERROR_UNEXPECTED;
+
         // strip off any padding (see bug 230351)
-        while (challenge[len - 1] == '=')
+        while (len && challenge[len - 1] == '=')
             len--;
 
         //
-- 
cgit v1.2.3