From 4f9ed23760a0706012517034959bcc2688a0646c Mon Sep 17 00:00:00 2001
From: Tollef Fog Heen <tfheen@err.no>
Date: Mon, 12 Oct 2009 08:44:46 +0200
Subject: [PATCH] Error handling in split_otp

---
 src/main.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/main.c b/src/main.c
index 6c5b996..83bb0ab 100644
--- a/src/main.c
+++ b/src/main.c
@@ -190,6 +190,7 @@ free_mem:
 static int split_otp(const char *otp, char **user, char **s_otp)
 {
 	size_t otp_len, i, j;
+	int r;
 	/* Modhex doubles the length of the string, so grab the last
 	 * YUBIKEY_BLOCK_SIZE * 2 octets to get the actual OTP */
 	otp_len = strlen(otp);
@@ -197,16 +198,23 @@ static int split_otp(const char *otp, char **user, char **s_otp)
 	assert(otp_len > YUBIKEY_BLOCK_SIZE * 2);
 	assert(yubikey_modhex_p(otp));
 
-	/* XXX error checking */
 	i = otp_len - YUBIKEY_BLOCK_SIZE * 2;
 	*user = malloc(i+1);
+	if (*user == NULL) {
+		return -1;
+	}
 	memcpy(*user, otp, i);
 	(*user)[i] = '\0';
 
 	j = YUBIKEY_BLOCK_SIZE * 2;
 	*s_otp = malloc(j+1);
+	if (*s_otp == NULL) {
+		free(*user);
+		return -1;
+	}
 	memcpy(*s_otp, otp + i, j);
 	(*s_otp)[j] = '\0';
+
 	return 0;
 }
 
-- 
2.39.5