From ce3bd9ed587c3e95280387a1a78b16682352647b Mon Sep 17 00:00:00 2001
From: "ace@google.com" <ace@google.com@0039d316-1c4b-4281-b951-d872f2087c98>
Date: Thu, 2 Apr 2009 22:51:21 +0000
Subject: Fix for bug 9608.  adding check that tokenized header is valid.
 Review URL: http://codereview.chromium.org/60008

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@13050 0039d316-1c4b-4281-b951-d872f2087c98
---
 net/http/http_auth.cc          | 6 +++++-
 net/http/http_auth_unittest.cc | 7 +++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

(limited to 'net')

diff --git a/net/http/http_auth.cc b/net/http/http_auth.cc
index d65fb4e..ce3e110 100644
--- a/net/http/http_auth.cc
+++ b/net/http/http_auth.cc
@@ -55,8 +55,12 @@ void HttpAuth::CreateAuthHandler(const std::string& challenge,
                                  scoped_refptr<HttpAuthHandler>* handler) {
   // Find the right auth handler for the challenge's scheme.
   ChallengeTokenizer props(challenge.begin(), challenge.end());
-  scoped_refptr<HttpAuthHandler> tmp_handler;
+  if (!props.valid()) {
+    *handler = NULL;
+    return;
+  }
 
+  scoped_refptr<HttpAuthHandler> tmp_handler;
   if (LowerCaseEqualsASCII(props.scheme(), "basic")) {
     tmp_handler = new HttpAuthHandlerBasic();
   } else if (LowerCaseEqualsASCII(props.scheme(), "digest")) {
diff --git a/net/http/http_auth_unittest.cc b/net/http/http_auth_unittest.cc
index 0599246..9bd750e 100644
--- a/net/http/http_auth_unittest.cc
+++ b/net/http/http_auth_unittest.cc
@@ -39,6 +39,13 @@ TEST(HttpAuthTest, ChooseBestChallenge) {
 
       // Pick Digset over Basic
       "DigestRealm",
+    },
+    {
+      "Y: Digest realm=\"X\", nonce=\"aaaaaaaaaa\"\n"
+      "www-authenticate:\n",
+
+      // Handle null header value.
+      "",
     }
   };
 
-- 
cgit v1.1