-CHANGES - 2.3.0 - 2019-06-13
+CHANGES - 2.3.0 - 2019-06-17
============================
- Eliminated some new GCC compiler warnings (Issue #5591)
- Removed dead code from the scheduler (Issue #5593)
- "make" failed with GZIP options (Issue #5595)
+- Fixed a NULL pointer dereference bug in `httpGetSubField2` (Issue #5598)
- Fixed an issue with `EXPECT !name WITH-VALUE ...` tests.
- Fixed a command ordering issue in the Zebra ZPL driver.
/*
* HTTP routines for CUPS.
*
- * Copyright 2007-2018 by Apple Inc.
- * Copyright 1997-2007 by Easy Software Products, all rights reserved.
+ * Copyright © 2007-2019 by Apple Inc.
+ * Copyright © 1997-2007 by Easy Software Products, all rights reserved.
*
* This file contains Kerberos support code, copyright 2006 by
* Jelmer Vernooij.
DEBUG_printf(("2httpGetSubField2(http=%p, field=%d, name=\"%s\", value=%p, valuelen=%d)", (void *)http, field, name, (void *)value, valuelen));
+ if (value)
+ *value = '\0';
+
if (!http || !name || !value || valuelen < 2 ||
- field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX)
+ field <= HTTP_FIELD_UNKNOWN || field >= HTTP_FIELD_MAX || !http->fields[field])
return (NULL);
end = value + valuelen - 1;