Commit: 087af1110ac9878aff4d9a73db1a721be386a87f
Parent: 41cdb5d241647f60e608f08c5785a60171206128
Author: Randy Palamar
Date: Fri, 25 Nov 2022 21:14:59 -0700
session.c: fix obvious use after free
note: this codepath is probably not really used
Diffstat:
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/session.c b/session.c
@@ -1777,15 +1777,16 @@ static int is_forced_download(struct object_request *rq)
struct cache_entry *ce;
unsigned char *cd;
char *s;
+ int ret = 0;
if (!rq || !(ce = rq->ce))
- return 0;
+ return ret;
if ((cd = parse_http_header(ce->head, cast_uchar "Content-Disposition", NULL))) {
if ((s = strchr(cast_const_char cd, ';'))) *s = 0;
+ ret = !casestrcmp(cd, cast_uchar "attachment");
free(cd);
- return !casestrcmp(cd, cast_uchar "attachment");
}
- return 0;
+ return ret;
}
static int plain_type(struct object_request *rq, unsigned char **p)