BUILD/MINOR: htx: fix some potential null-deref warnings with http_find_stline

http_find_stline() carefully verifies that it finds a start line otherwise
returns NULL when not found. But a few calling functions ignore this NULL
in return and dereference this pointer without checking. Let's add the
test where needed in the callers. If it turns out that over the long term
a start line is mandatory, then the test will be removed and the faulty
function will have to be simplified.

This must be backported to 1.9.

diff --git a/src/http_htx.c b/src/http_htx.c
index eb71354dfc2b48c4fbba4311bfcf8aa5f146190f..a8c87b7663e426b56d4f2e5412440289a0db1008 100644 (file)
--- a/src/http_htx.c
+++ b/src/http_htx.c
@@ -220,6 +220,9 @@ int http_replace_req_meth(struct htx *htx, const struct ist meth)
        struct htx_sl *sl = http_find_stline(htx);
        struct ist uri, vsn;
 
+       if (!sl)
+               return 0;
+
        /* Start by copying old uri and version */
        chunk_memcat(temp, HTX_SL_REQ_UPTR(sl), HTX_SL_REQ_ULEN(sl)); /* uri */
        uri = ist2(temp->area, HTX_SL_REQ_ULEN(sl));
@@ -241,6 +244,9 @@ int http_replace_req_uri(struct htx *htx, const struct ist uri)
        struct htx_sl *sl = http_find_stline(htx);
        struct ist meth, vsn;
 
+       if (!sl)
+               return 0;
+
        /* Start by copying old method and version */
        chunk_memcat(temp, HTX_SL_REQ_MPTR(sl), HTX_SL_REQ_MLEN(sl)); /* meth */
        meth = ist2(temp->area, HTX_SL_REQ_MLEN(sl));
@@ -262,6 +268,9 @@ int http_replace_req_path(struct htx *htx, const struct ist path)
        struct ist meth, uri, vsn, p;
        size_t plen = 0;
 
+       if (!sl)
+               return 0;
+
        uri = htx_sl_req_uri(sl);
        p = http_get_path(uri);
        if (!p.ptr)
@@ -296,6 +305,9 @@ int http_replace_req_query(struct htx *htx, const struct ist query)
        struct ist meth, uri, vsn, q;
        int offset = 1;
 
+       if (!sl)
+               return 0;
+
        uri = htx_sl_req_uri(sl);
        q = uri;
        while (q.len > 0 && *(q.ptr) != '?') {
@@ -337,6 +349,9 @@ int http_replace_res_status(struct htx *htx, const struct ist status)
        struct htx_sl *sl = http_find_stline(htx);
        struct ist vsn, reason;
 
+       if (!sl)
+               return 0;
+
        /* Start by copying old uri and version */
        chunk_memcat(temp, HTX_SL_RES_VPTR(sl), HTX_SL_RES_VLEN(sl)); /* vsn */
        vsn = ist2(temp->area, HTX_SL_RES_VLEN(sl));
@@ -358,6 +373,9 @@ int http_replace_res_reason(struct htx *htx, const struct ist reason)
        struct htx_sl *sl = http_find_stline(htx);
        struct ist vsn, status;
 
+       if (!sl)
+               return 0;
+
        /* Start by copying old uri and version */
        chunk_memcat(temp, HTX_SL_RES_VPTR(sl), HTX_SL_RES_VLEN(sl)); /* vsn */
        vsn = ist2(temp->area, HTX_SL_RES_VLEN(sl));