Bug #1702: Squid silently accepts defining acl's with too long name, even

if these then can not be used in http_access or other directives.

diff --git a/src/acl.cc b/src/acl.cc
index 7faffc2f443b156dc7771078f9dfaeaf575c2614..3391156784700b585b0edeec46a81437b81dd508 100644 (file)
--- a/src/acl.cc
+++ b/src/acl.cc
@@ -1,5 +1,5 @@
 /*
- * $Id: acl.cc,v 1.320 2006/05/16 05:49:44 hno Exp $
+ * $Id: acl.cc,v 1.321 2006/07/29 13:46:05 hno Exp $
  *
  * DEBUG: section 28    Access Control
  * AUTHOR: Duane Wessels
@@ -103,6 +103,12 @@ ACL::ParseAclLine(ConfigParser &parser, ACL ** head)
         return;
     }
 
+    if (strlen(t) >= ACL_NAME_SZ) {
+        debug(28, 0) ("aclParseAclLine: aclParseAclLine: ACL name '%s' too long, max %d characters supported\n", t, ACL_NAME_SZ - 1);
+        parser.destruct();
+        return;
+    }
+
     xstrncpy(aclname, t, ACL_NAME_SZ);
     /* snarf the ACL type */
     char *theType;