From 7fc28acf56ca024feb76119bc53be4a767624c6e Mon Sep 17 00:00:00 2001 From: Jaroslav Kysela Date: Fri, 3 Oct 2014 14:47:23 +0200 Subject: [PATCH] http: handle negative value from base64_decode (coverity) --- src/http.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/http.c b/src/http.c index f5913174..dc9e741d 100644 --- a/src/http.c +++ b/src/http.c @@ -638,6 +638,8 @@ process_request(http_connection_t *hc, htsbuf_queue_t *spill) if((v = http_arg_get(&hc->hc_args, "Authorization")) != NULL) { if((n = http_tokenize(v, argv, 2, -1)) == 2) { n = base64_decode(authbuf, argv[1], sizeof(authbuf) - 1); + if (n < 0) + n = 0; authbuf[n] = 0; if((n = http_tokenize((char *)authbuf, argv, 2, ':')) == 2) { hc->hc_username = strdup(argv[0]);