authorace@google.com <ace@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2009-04-02 22:51:21 +0000
committerace@google.com <ace@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2009-04-02 22:51:21 +0000
commitce3bd9ed587c3e95280387a1a78b16682352647b (patch)
treeeafe41b764ab24bb70b2ea77968fe567912ebbeb /net
parentdbf63802c407b932bd9dae2d62c4c436b26903af (diff)
Fix for bug 9608: add a check that the tokenized header is valid.
Review URL: http://codereview.chromium.org/60008 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@13050 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net')
-rw-r--r--net/http/http_auth.cc6
-rw-r--r--net/http/http_auth_unittest.cc7
2 files changed, 12 insertions, 1 deletions
diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc
index d65fb4e..ce3e110 100644
--- a/net/http/http_auth.cc
+++ b/net/http/http_auth.cc
@@ -55,8 +55,12 @@ void HttpAuth::CreateAuthHandler(const std::string& challenge,
scoped_refptr<HttpAuthHandler>* handler) {
// Find the right auth handler for the challenge's scheme.
ChallengeTokenizer props(challenge.begin(), challenge.end());
- scoped_refptr<HttpAuthHandler> tmp_handler;
+ if (!props.valid()) {
+ *handler = NULL;
+ return;
+ }
+ scoped_refptr<HttpAuthHandler> tmp_handler;
if (LowerCaseEqualsASCII(props.scheme(), "basic")) {
tmp_handler = new HttpAuthHandlerBasic();
} else if (LowerCaseEqualsASCII(props.scheme(), "digest")) {
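Review bot: The new `if (!props.valid())` early return in `CreateAuthHandler` carries no comment explaining why the tokenizer must be validated before `props.scheme()` is read, even though the challenge string originates from a server-supplied header. I would add above the check: `// The challenge comes from the server; reject a value the tokenizer could not parse before props.scheme() is used.` What `valid()` actually rejects is not visible here; judging by the added unit test it at least covers an empty header value. The guard also makes a NULL `*handler` an ordinary result for malformed input, so callers presumably have to treat NULL as "no usable challenge", which should be confirmed since the callers and the rest of this function lie outside the hunk.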
diff --git a/net/http/http_auth_unittest.cc b/net/http/http_auth_unittest.cc
index 0599246..9bd750e 100644
--- a/net/http/http_auth_unittest.cc
+++ b/net/http/http_auth_unittest.cc
@@ -39,6 +39,13 @@ TEST(HttpAuthTest, ChooseBestChallenge) {
// Pick Digset over Basic
"DigestRealm",
+ },
+ {
+ "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n"
+ "www-authenticate:\n",
+
+ // Handle null header value.
+ "",
}
};
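Review bot: The added case exercises an empty `www-authenticate:` value only when it is the sole challenge, so it does not show that a valid challenge in the same header block is still chosen once an empty one has been seen. A further case (constructed example) with `"www-authenticate:\n"` followed by `"www-authenticate: Basic realm=\"BasicRealm\"\n"` and expected realm `"BasicRealm"` would pin that behaviour. The comment `// Handle null header value.` would be more precise as `// Empty header value: no handler is chosen, so the realm is "".` The test table's declaration and the loop that consumes it are outside the hunk, so the meaning of the expected string is inferred from the neighbouring `"DigestRealm"` entry.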