Nil request dereference in ACLExtUser and SourceDomainCheck ACLs (#1931)

ACLExtUser-based ACLs (i.e. ext_user and ext_user_regex) dereferenced a
nil request pointer when they were used in a context without a request
(e.g., when honoring on_unsupported_protocol).

SourceDomainCheck-based ACLs (i.e. srcdomain and srcdom_regex) have a
similar bug, although we do not know whether broken slow ACL code is
reachable without a request (e.g., on_unsupported_protocol tests cannot
reach that code until that directive starts supporting slow ACLs). This
change does not start to require request presence for these two ACLs to
avoid breaking any existing configurations that "work" without one.

diff --git a/src/acl/ExtUser.h b/src/acl/ExtUser.h
index 3faaeeb0f06229fbb8d56217a2c005376e4d165b..a851be8824f4a68a91c0926696f39bfcf32a0c42 100644 (file)
--- a/src/acl/ExtUser.h
+++ b/src/acl/ExtUser.h
@@ -27,6 +27,7 @@ public:
     char const *typeString() const override;
     void parse() override;
     int match(ACLChecklist *checklist) override;
+    bool requiresRequest() const override { return true; }
     SBufList dump() const override;
     bool empty () const override;
 

diff --git a/src/acl/SourceDomain.cc b/src/acl/SourceDomain.cc
index f3267f15bbafc89408bb176a13c0380585ac882b..343e0d7ae1520c9a8667f9f44b9e4f61234551b7 100644 (file)
--- a/src/acl/SourceDomain.cc
+++ b/src/acl/SourceDomain.cc
@@ -30,7 +30,11 @@ LookupDone(const char *, const Dns::LookupDetails &details, void *data)
 {
     ACLFilledChecklist *checklist = Filled((ACLChecklist*)data);
     checklist->markSourceDomainChecked();
-    checklist->request->recordLookup(details);
+    if (checklist->request)
+        checklist->request->recordLookup(details);
+    else
+        debugs(28, 3, "no request to recordLookup()");
+
     checklist->resumeNonBlockingCheck();
 }