Hi all,
I've seen a couple of crashes due to missing initialization checks
in the pos() and rpos() functions in OldString. This affects
3.1.0-current.
This patch adds those safety guards.
--
/kinkie
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: [email protected]
# target_branch: http://www.squid-cache.org/bzr/squid3/trunk/
# testament_sha1: 32042e6ca20299e2ff5f03945063c67a05cde040
# timestamp: 2009-03-01 23:22:30 +0100
# base_revision_id: [email protected]\
# bs8la3gi45wneltx
#
# Begin patch
=== modified file 'src/HttpHeaderTools.cc'
--- src/HttpHeaderTools.cc 2009-02-09 05:33:18 +0000
+++ src/HttpHeaderTools.cc 2009-03-01 22:22:22 +0000
@@ -189,7 +189,7 @@
strListIsSubstr(const String * list, const char *s, char del)
{
assert(list && del);
- return list->pos(s) != 0;
+ return (list->find(s) != String::npos);
/** \note
* Note: the original code with a loop is broken because it uses strstr()
@@ -359,7 +359,7 @@
/**
* Checks the anonymizer (header_access) configuration.
- *
+ *
* \retval 0 Header is explicitly blocked for removal
* \retval 1 Header is explicitly allowed
* \retval 1 Header has been replaced, the current version can be used.
=== modified file 'src/String.cc'
--- src/String.cc 2009-02-12 16:06:20 +0000
+++ src/String.cc 2009-03-01 22:19:44 +0000
@@ -437,18 +437,24 @@
const char *
String::pos(char const *aString) const
{
+ if (undefined())
+ return NULL;
return strstr(termedBuf(), aString);
}
const char *
String::pos(char const ch) const
{
+ if (undefined())
+ return NULL;
return strchr(termedBuf(), ch);
}
const char *
String::rpos(char const ch) const
{
+ if (undefined())
+ return NULL;
return strrchr(termedBuf(), (ch));
}
# Begin bundle
IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWXDpuqsAB13fgFQQcXP//3tn
HgC////wYAp999jCgGgoAFtNlAAJtqkBQxzAJgJkYARiYmEwmCGmJpgcwCYCZGAEYmJhMJghpiaY
HMAmAmRgBGJiYTCYIaYmmAkKQSJp7TU0eqNplDyam0IMQaBkPSPUCKhAp4hM9Kp/lTxNU81TT8jU
ntSep5TxIzU0GgIpEaEwmg0EGmgqPbUSZPUekaDRk0fqlQZBXKLJS+qi4+POjNwtQPxvW9x1nxO4
2n5LcYPE2ObHfgISQgQ4DAlPI2zd1XQi6psQtgBotJdlZ2VDLElG5rbGgyRK1uwG72+TT96Pq2rQ
xptV2pG2gVGIEy4floiEZLFQpjkLnc7LXU5mF5Fs+22gs68LxbhWC8LahUaqF4xWtYDGxsbGwYb0
E2C2hhyaOW/z6Zumq6vmu1i5R8Du6OQVZRVFsb48YxPbCZjZPXSnr1ujdh0VbLLb779Q9BtUHoPE
fF8ekycPo8KvoERVcckObzD4wDyYWTCwwsMIPq9YcAyAWwG1e8o2DzXcta1vYeQ1XsPgHWyd8Suj
TTCEgxEtfYRyAJYIWjRrsbbbbrJJ2CSrxriuDCmnha4ASe+B3AVhVNpHmMNtGIWVhCyVWtdA1CFV
zJaAtrAJqP1JUIELRqmsiZ4tGwJ3BOTrO4uPEyCQWhRcSRMytMSbCiRAhPFO3oWoamokZlpcfHt8
htX0cl3Nv8a+Cm0hGICKsdKSNy52hvJhpcbls/EI+ZY4cbhCochqwsw1VWadpyHaXtlqxqLXWVmV
6EyQbNpguRyrbYlWWmrHElBXY1VMn3gSQWEEgbQ3g13IXEG82kiZ0XvXj8l0fZfRyGeJhrbw0woI
xpJti5LQV4LXSJWquFZJmXyAJCFFkJJmDAyZDAJ3Ei9gIqExgTEnQ3kF7Fg5NIyOK1AH7LQ5m1yL
jE5O9DA2XmAXiGKwFRBJCZz2SaOlJzxK5LrMUN5id46GtajAtqwXyJmbCQVZmsgyNZYaxOA2lhia
iCsre5awfBcShfZ6BiDVqh3BgTQmURx2RsrWkuLjoKkmXrM6FmUl4MZkJLDOTMYLCqssZYkvJqli
WrBYZO26u9gvMisW0wQrNtjmVEi8vfETG6C7gDtN2x4GdDUEFbO40qj7XFF/7wNRsNTbcl7kdQa7
hYqNRTXjc3GkGs4FteheanIrLiot0LjQvJFhUdmw4cXBt5FgSidBm1vKdUpboWV5NmczibChzLjf
aVHTA8rKqaG8SotCRIkZ5kZmZIri9t1StA0KkzMyResULCJEVk4KjHQoW4YFhkry5XnI1lhrNDaZ
mRtpNy1zzc8U4RRdwyTZsqLLMyZZj8OMorW660uLbmDMk9mDeVFYcWppvOtg57zIMzceSzOr5Dxx
qjTN+jJvrRA7iMQDIukXHHgbKgbHYc+8mYlRqKa+KSaajAqGuyZMo95AzC4oVkip0Nbadby82Hw+
jdWHhCaDsxFhDxyVmVwhmqVd/1eYO4P02QB+AwQDxGAB6fgYDAbAWUJ1CaiYmZgDUMbEaT6pgxdI
vWKgrBkDUFBkMx+6sezMBfUTOSZgRAQA2M79gpaK8Zfgtyy74Yk7IY6jxXAZBI31EBBFfXlrY22N
Z17WekolStB0jQcR1FhqNJE5Or8bzgVnI4kTeZzAiSJHhoJFhQaQF6vg9oO4vXI9jw5g+ABe9pL7
Pz6IY+I/uBoDy/ltFc36o71p9/AOp06UDIg6nMrr5n3lh4kiRm6zaeDMqNhYdhvuacw7Xrc25a3k
IYPuYDqNBgzOBmazXpsJlpsyIAX6ruOJxPwQmaWnkPqQPnNBYH0GwSTD6jgD4NFfsDwUutAXM79o
VmmlBORmYrzCZuMBLi9XiTHQo6gXMrPIuPzstCi2mo+RieyHoPWKvNYT3jpBIBYfM3mwr8qH1q0+
S9CZXKldlU7Kcy8g9i42kzscBj3Q2A5ALmFkPYYL2sA1Gv9CAubTIwsDu14VPM0KjzNPc5glC4Lv
oFy/te2OY6xM2b3CEKPm38sBkfsHz8gZhAPeDoN4hkJegtwNB1LWNjiDzOR5nyPE9iZkTOR6v4+J
M3HcXlh4EIVGBYa0Mn8n5P0frucxjnydlED8l9wfoNPABYQ2scs1osgWsOwdz6BNcreB/scpFi8j
lD4DtY6iG+QC1VkbuofqPuHuP5H4G0fuHoLlNytZHm8DgPN7hAPgFuPsAuoH9HmhovZ6odqA+LO0
Axk7b9alYC6NPtxGsbRsRH3vNEc+X7xHOPkFbTQvnyXYbF7h4ULwX1OLitC2rrC8GhiAvWAfUWzm
ZrIoQihCKEIoQiGRMiesMog9PwdzM7mGGCHEemXYHmNg6lkPzGwfN91tpXi34sV9OKOdD+21mPEb
gaeG0eC5LoG4aDzQ1jjqhoMiB2rQHsM0EwQmDWgYhQMQ+LcJFG0eNQSAW/esahhAQiFGBD+wlPVQ
gNT9X8R2fcGg1jMLELkR7hh+D7wrQYAMAFwR+s0SC6tvebi5hrMQ2jtHBWlC0BwGsL7O7G0bQYDl
8hxB6Pc9ggG2UiTAYwM4B3r9h5jxrbLBO8TQyFfH7OkfIcGYwFJCaAF6QwWF16lCN4R3BRiA/HYW
AFkAawiicJx5w7R8F8x3NRrbRtBgP+x2AyHMJ0obmjtRGTFqVmvPmAtmECECEC9i3A24uUSQ1AFW
v1Hb0Xg1dYaC5tEmOQ0g00u8ZLIYjGWocw0Hgy5+4MgYC4AsHiwDaP2qOAkD8QQKbAgDZBXEfY6g
1B6vS1g2oT8m/fQ6QaFsEA7l8TLWPvZ5gtDEMnJg5gdK4iE0R81rdXWvQ/cUd46xibQ9BpW0HnpG
ofPRJDqDlxcGorGocwWjQsxIrvoCazanOtQv+LuSKcKEg4dN1Vg=
