]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
projects / thirdparty / squid.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7e928ef)
Fix rfcnb library potential NULL pointer dereference
authorAmos Jeffries <squid3@treenet.co.nz>
Wed, 15 Jan 2014 01:23:14 +0000 (14:23 +1300)
committerAmos Jeffries <squid3@treenet.co.nz>
Wed, 15 Jan 2014 01:23:14 +0000 (14:23 +1300)
Malformed RFCNB packet may lead to crash.

 Detected by Coverity Scan. Issue 740355.

lib/rfcnb/rfcnb-io.c patch | blob | blame | history

diff --git a/lib/rfcnb/rfcnb-io.c b/lib/rfcnb/rfcnb-io.c
index fea3b2829a12b0233dbf6edb53cdcc0ad8faee50..f628f1b3f5b849eca67d74e7c5ad527fb46762b1 100644 (file)
--- a/lib/rfcnb/rfcnb-io.c
+++ b/lib/rfcnb/rfcnb-io.c
@@ -382,7 +382,7 @@ RFCNB_Get_Pkt(struct RFCNB_Con *con, struct RFCNB_Pkt *pkt, int len)
         offset = RFCNB_Pkt_Hdr_Len;     /* Otherwise skip the header       */
     }
 
-    frag_len = pkt_frag->len;
+    frag_len = (pkt_frag ? pkt_frag->len : 0);
 
     if (more <= frag_len)       /* If len left to get less than frag space */
         this_len = more;        /* Get the rest ...                        */
Mirror of https://github.com/squid-cache/squid.git