Fixed some out of memory handling issues.

  if(pickhost || pickproxy) {

  if(pickhost || pickproxy) {

    data->reqdata.newurl = strdup(data->change.url); /* clone URL */

    data->reqdata.newurl = strdup(data->change.url); /* clone URL */

    if (!data->reqdata.newurl)

      return CURLE_OUT_OF_MEMORY;

    if((data->set.httpreq != HTTPREQ_GET) &&

    if((data->set.httpreq != HTTPREQ_GET) &&

       (data->set.httpreq != HTTPREQ_HEAD) &&

       (data->set.httpreq != HTTPREQ_HEAD) &&

    if((data->set.httpreq != HTTPREQ_GET) &&

    if((data->set.httpreq != HTTPREQ_GET) &&

       (data->set.httpreq != HTTPREQ_HEAD)) {

       (data->set.httpreq != HTTPREQ_HEAD)) {

      data->reqdata.newurl = strdup(data->change.url); /* clone URL */

      data->reqdata.newurl = strdup(data->change.url); /* clone URL */

      if (!data->reqdata.newurl)

        return CURLE_OUT_OF_MEMORY;

      data->state.authhost.done = TRUE;

      data->state.authhost.done = TRUE;

    }

    }

  }

  }

  if(s) {

  if(s) {

    CURLcode result = add_buffer(in, s, strlen(s));

    CURLcode result = add_buffer(in, s, strlen(s));

    free(s);

    free(s);

    if(CURLE_OK == result)

    return result;

      return CURLE_OK;

  }

  }

  /* If we failed, we cleanup the whole buffer and return error */

  /* If we failed, we cleanup the whole buffer and return error */

  if(in->buffer)

  if(in->buffer)

      /* create a new buffer */

      /* create a new buffer */

      new_rb = (char *)malloc(new_size);

      new_rb = (char *)malloc(new_size);

    if(!new_rb)

    if(!new_rb) {

      /* If we failed, we cleanup the whole buffer and return error */

      Curl_safefree(in->buffer);

      free(in);

      return CURLE_OUT_OF_MEMORY;

      return CURLE_OUT_OF_MEMORY;

    }

    in->buffer = new_rb;

    in->buffer = new_rb;

    in->size_max = new_size;

    in->size_max = new_size;

        if(!checkheaders(data, "User-Agent:") && data->set.useragent)

        if(!checkheaders(data, "User-Agent:") && data->set.useragent)

          useragent = conn->allocptr.uagent;

          useragent = conn->allocptr.uagent;

        if(CURLE_OK == result) {

	/* Send the connect request to the proxy */

	/* Send the connect request to the proxy */

	/* BLOCKING */

	/* BLOCKING */

	result =

	result =

		      useragent,

		      useragent,

		      proxyconn);

		      proxyconn);

          if(CURLE_OK == result)

            result = add_custom_headers(conn, req_buffer);

	if(host && *host)

	if(host && *host)

	  free(host);

	  free(host);

	if(CURLE_OK == result)

	  result = add_custom_headers(conn, req_buffer);

	if(CURLE_OK == result)

	if(CURLE_OK == result)

	  /* CRLF terminate the request */

	  /* CRLF terminate the request */

	  result = add_bufferf(req_buffer, "\r\n");

	  result = add_bufferf(req_buffer, "\r\n");

	  /* Now send off the request */

	  /* Now send off the request */

	  result = add_buffer_send(req_buffer, conn,

	  result = add_buffer_send(req_buffer, conn,

				   &data->info.request_size, 0, sockindex);

				   &data->info.request_size, 0, sockindex);

            req_buffer = NULL;

          }

	}

	}

        req_buffer = NULL;

        if(result)

        if(result)

          failf(data, "Failed sending CONNECT to proxy");

          failf(data, "Failed sending CONNECT to proxy");

      }

      }

static CURLcode add_custom_headers(struct connectdata *conn,

static CURLcode add_custom_headers(struct connectdata *conn,

                                   send_buffer *req_buffer)

                                   send_buffer *req_buffer)

{

{

  CURLcode result = CURLE_OK;

  char *ptr;

  char *ptr;

  struct curl_slist *headers=conn->data->set.headers;

  struct curl_slist *headers=conn->data->set.headers;

                               strlen("Content-Type:")))

                               strlen("Content-Type:")))

          ;

          ;

        else {

        else {

          result = add_bufferf(req_buffer, "%s\r\n", headers->data);

          CURLcode result = add_bufferf(req_buffer, "%s\r\n", headers->data);

          if(result)

          if(result)

            return result;

            return result;

        }

        }

    }

    }

    headers = headers->next;

    headers = headers->next;

  }

  }

  return result;

  return CURLE_OK;

}

}

/*

/*

          /* set the upload size to the progress meter */

          /* set the upload size to the progress meter */

          Curl_pgrsSetUploadSize(data, http->postsize);

          Curl_pgrsSetUploadSize(data, http->postsize);

          add_buffer(req_buffer, "\r\n", 2); /* end of headers! */

          result = add_buffer(req_buffer, "\r\n", 2); /* end of headers! */

          if(result)

            return result;

        }

        }

      }

      }

      else {

      else {

        add_buffer(req_buffer, "\r\n", 2); /* end of headers! */

        result = add_buffer(req_buffer, "\r\n", 2); /* end of headers! */

        if(result)

          return result;

        if(data->set.postfieldsize) {

        if(data->set.postfieldsize) {

          /* set the upload size to the progress meter */

          /* set the upload size to the progress meter */

      break;

      break;

    default:

    default:

      add_buffer(req_buffer, "\r\n", 2);

      result = add_buffer(req_buffer, "\r\n", 2);

      if(result)

        return result;

      /* issue the request */

      /* issue the request */

      result = add_buffer_send(req_buffer, conn,

      result = add_buffer_send(req_buffer, conn,

/*

/*

 * Set up nt hashed passwords

 * Set up nt hashed passwords

 */

 */

static void mk_nt_hash(struct SessionHandle *data,

static CURLcode mk_nt_hash(struct SessionHandle *data,

                           char *password,

                           char *password,

                           unsigned char *ntbuffer /* 21 bytes */)

                           unsigned char *ntbuffer /* 21 bytes */)

{

{

  size_t len = strlen(password);

  size_t len = strlen(password);

  unsigned char *pw = malloc(len*2);

  unsigned char *pw = malloc(len*2);

  if (!pw)

  if (!pw)

    /* No way to report this error; just rely on future malloc failures

    return CURLE_OUT_OF_MEMORY;

       to be caught */

    return;

  utf8_to_unicode_le(pw, password, len);

  utf8_to_unicode_le(pw, password, len);

  }

  }

  free(pw);

  free(pw);

  return CURLE_OK;

}

}

#endif

#endif

      MD5_Final(md5sum, &MD5);

      MD5_Final(md5sum, &MD5);

      /* We shall only use the first 8 bytes of md5sum,

      /* We shall only use the first 8 bytes of md5sum,

         but the des code in lm_resp only encrypt the first 8 bytes */

         but the des code in lm_resp only encrypt the first 8 bytes */

      mk_nt_hash(conn->data, passwdp, ntbuffer);

      if (mk_nt_hash(conn->data, passwdp, ntbuffer) == CURLE_OUT_OF_MEMORY)

        return CURLE_OUT_OF_MEMORY;

      lm_resp(ntbuffer, md5sum, ntresp);

      lm_resp(ntbuffer, md5sum, ntresp);

      /* End of NTLM2 Session code */

      /* End of NTLM2 Session code */

      unsigned char lmbuffer[0x18];

      unsigned char lmbuffer[0x18];

#if USE_NTRESPONSES

#if USE_NTRESPONSES

      mk_nt_hash(conn->data, passwdp, ntbuffer);

      if (mk_nt_hash(conn->data, passwdp, ntbuffer) == CURLE_OUT_OF_MEMORY)

        return CURLE_OUT_OF_MEMORY;

      lm_resp(ntbuffer, &ntlm->nonce[0], ntresp);

      lm_resp(ntbuffer, &ntlm->nonce[0], ntresp);

#endif

#endif