From b830c9cededf995fab1b0919a81658ceaec8d422 Mon Sep 17 00:00:00 2001 From: Shane Kearns Date: Fri, 9 Dec 2011 11:49:50 +0000 Subject: [PATCH] Fix null pointer dereference in NTLM authentication If NTLM authentication is required for the URL with an empty path, then QNetworkAuthenticationCache::findClosestMatch(url.path()) returns 0. e.g. "http://10.1.2.3". Return a default constructed credential in this case. Change-Id: I84ad3b308ee3f74fbbac9ad0f11dbdc66047b50b Reviewed-by: Robin Burchell Reviewed-by: Martin Petersson --- src/network/access/qnetworkaccessauthenticationmanager.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/network/access/qnetworkaccessauthenticationmanager.cpp b/src/network/access/qnetworkaccessauthenticationmanager.cpp index 1b15cf9..b618ccc 100644 --- a/src/network/access/qnetworkaccessauthenticationmanager.cpp +++ b/src/network/access/qnetworkaccessauthenticationmanager.cpp @@ -283,9 +283,12 @@ QNetworkAccessAuthenticationManager::fetchCachedCredentials(const QUrl &url, QNetworkAuthenticationCache *auth = static_cast(authenticationCache.requestEntryNow(cacheKey)); - QNetworkAuthenticationCredential cred = *auth->findClosestMatch(url.path()); + QNetworkAuthenticationCredential *cred = auth->findClosestMatch(url.path()); + QNetworkAuthenticationCredential ret; + if (cred) + ret = *cred; authenticationCache.releaseEntry(cacheKey); - return cred; + return ret; } void QNetworkAccessAuthenticationManager::clearCache() -- 2.7.4