From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 9 Feb 2013 06:42:44 +0000 (-0700)
Subject: Fix parsing of max-stale values in Surrogate-Control header
X-Git-Tag: SQUID_3_2_8~19
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a39d92d6d2e4e42996ae146ef04f1d27e8dab39f;p=thirdparty%2Fsquid.git

Fix parsing of max-stale values in Surrogate-Control header

Skip parsing of the max-stale field when the initial max-age value
is not a valid integer value.

 Detected by Coverity Scan. Issue 740361
---

diff --git a/src/HttpHdrSc.cc b/src/HttpHdrSc.cc
index 34e94f3bb3..05162e1c1c 100644
--- a/src/HttpHdrSc.cc
+++ b/src/HttpHdrSc.cc
@@ -196,22 +196,23 @@ HttpHdrSc::parse(const String * str)
             int ma;
             if (p && httpHeaderParseInt(p, &ma)) {
                 sct->maxAge(ma);
+
+                if ((p = strchr (p, '+'))) {
+                    int ms;
+                    ++p; //skip the + char
+                    if (httpHeaderParseInt(p, &ms)) {
+                        sct->maxStale(ms);
+                    } else {
+                        debugs(90, 2, "sc: invalid max-stale specs near '" << item << "'");
+                        sct->clearMaxStale();
+                        /* leave the max-age alone */
+                    }
+                }
             } else {
                 debugs(90, 2, "sc: invalid max-age specs near '" << item << "'");
                 sct->clearMaxAge();
             }
 
-            if ((p = strchr (p, '+'))) {
-                int ms;
-                ++p; //skip the + char
-                if (httpHeaderParseInt(p, &ms)) {
-                    sct->maxStale(ms);
-                } else {
-                    debugs(90, 2, "sc: invalid max-stale specs near '" << item << "'");
-                    sct->clearMaxStale();
-                    /* leave the max-age alone */
-                }
-            }
             break;
         }