diff options
| author | ace@google.com <ace@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-04-02 22:51:21 +0000 |
|---|---|---|
| committer | ace@google.com <ace@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2009-04-02 22:51:21 +0000 |
| commit | ce3bd9ed587c3e95280387a1a78b16682352647b (patch) | |
| tree | eafe41b764ab24bb70b2ea77968fe567912ebbeb /net/http/http_auth.cc | |
| parent | dbf63802c407b932bd9dae2d62c4c436b26903af (diff) | |
| download | chromium_src-ce3bd9ed587c3e95280387a1a78b16682352647b.zip chromium_src-ce3bd9ed587c3e95280387a1a78b16682352647b.tar.gz chromium_src-ce3bd9ed587c3e95280387a1a78b16682352647b.tar.bz2 | |
Fix for bug 9608. adding check that tokenized header is valid.
Review URL: http://codereview.chromium.org/60008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@13050 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_auth.cc')
| -rw-r--r-- | net/http/http_auth.cc | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc index d65fb4e..ce3e110 100644 --- a/net/http/http_auth.cc +++ b/net/http/http_auth.cc @@ -55,8 +55,12 @@ void HttpAuth::CreateAuthHandler(const std::string& challenge, scoped_refptr<HttpAuthHandler>* handler) { // Find the right auth handler for the challenge's scheme. ChallengeTokenizer props(challenge.begin(), challenge.end()); - scoped_refptr<HttpAuthHandler> tmp_handler; + if (!props.valid()) { + *handler = NULL; + return; + } + scoped_refptr<HttpAuthHandler> tmp_handler; if (LowerCaseEqualsASCII(props.scheme(), "basic")) { tmp_handler = new HttpAuthHandlerBasic(); } else if (LowerCaseEqualsASCII(props.scheme(), "digest")) { |