Fix various null dereferences

Fairly rare occurances hard to hit but still possible. Any one of these
could crash Squid in their particular circumstances.

  Detected by Coverity Scan. Issue 1187972, 1187973, 1232097, 1241502.

diff --git a/src/auth/digest/UserRequest.cc b/src/auth/digest/UserRequest.cc
index b4a5b07877350d4206e303df31b1f67ff0d99375..858708a76c2abfa7025718e84f876f31341b2272 100644 (file)
--- a/src/auth/digest/UserRequest.cc
+++ b/src/auth/digest/UserRequest.cc
@@ -237,6 +237,9 @@ Auth::Digest::UserRequest::addAuthenticationInfoHeader(HttpReply * rep, int acce
     if ((static_cast<Auth::Digest::Config*>(Auth::Config::Find("digest"))->authenticateProgram) && authDigestNonceLastRequest(nonce)) {
         flags.authinfo_sent = true;
         Auth::Digest::User *digest_user = dynamic_cast<Auth::Digest::User *>(user().getRaw());
+        if (!digest_user)
+            return;
+
         digest_nonce_h *nextnonce = digest_user->currentNonce();
         if (!nextnonce || authDigestNonceLastRequest(nonce)) {
             nextnonce = authenticateDigestNonceNew();

diff --git a/src/helper.cc b/src/helper.cc
index 51d9396f608b9102fa4a779960746b7e31f5d67b..96cb72fef49574d91a0d9d6d134683e909ec2d6f 100644 (file)
--- a/src/helper.cc
+++ b/src/helper.cc
@@ -415,7 +415,7 @@ helperStatefulSubmit(statefulhelper * hlp, const char *buf, HLPCB * callback, vo
     }
 
     debugs(84, DBG_DATA, "placeholder: '" << r->placeholder <<
-           "', " << Raw("buf", buf, strlen(buf)));
+           "', " << Raw("buf", buf, (!buf?0:strlen(buf))));
 }
 
 /**

diff --git a/src/servers/FtpServer.cc b/src/servers/FtpServer.cc
index 1465425f0809a750be78e5f48628536b52cb0e8d..c459a5cfef7c80fd396b6ed6c533826dc0c347cb 100644 (file)
--- a/src/servers/FtpServer.cc
+++ b/src/servers/FtpServer.cc
@@ -604,6 +604,7 @@ Ftp::Server::earlyError(const EarlyErrorKind eek)
     clientStreamNode *node = context->getClientReplyContext();
     Must(node);
     clientReplyContext *repContext = dynamic_cast<clientReplyContext *>(node->data.getRaw());
+    Must(repContext);
 
     // We cannot relay FTP scode/reason via HTTP-specific ErrorState.
     // TODO: When/if ErrorState can handle native FTP errors, use it instead.

diff --git a/tools/squidclient/Ping.cc b/tools/squidclient/Ping.cc
index 9f5f9d09d1a17b8a85c7067b4f3eb709ed889dc9..01f235c6f57a2421a38b22a9ea4e117b2ff5ec2b 100644 (file)
--- a/tools/squidclient/Ping.cc
+++ b/tools/squidclient/Ping.cc
@@ -194,7 +194,10 @@ Ping::TheConfig::parseCommandOpts(int argc, char *argv[], int c, int &optIndex)
             break;
 
         case 'I':
-            if ((interval = atoi(optarg) * 1000) <= 0) {
+            if (!optarg) {
+                std::cerr << "ERROR: -I ping interval missing parameter." << std::endl;
+                usage();
+            } else if ((interval = atoi(optarg) * 1000) <= 0) {
                 std::cerr << "ERROR: -I ping interval out of range (0-" << (INT_MAX/1000) << ")." << std::endl;
                 usage();
             }