From: xiaoxiaoafeifei <zhailiangliang@loongson.cn>
Date: Tue, 2 Apr 2024 07:04:31 +0000 (+0000)
Subject: Fix heap buffer overead in ConfigParser::UnQuote() (#1763)
X-Git-Tag: SQUID_7_0_1~154
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1891ce596237b45e0a675f75c49a5f6a1111840d;p=thirdparty%2Fsquid.git

Fix heap buffer overead in ConfigParser::UnQuote() (#1763)

Detected by using AddressSanitizer.
---

diff --git a/CONTRIBUTORS b/CONTRIBUTORS
index 9e4a3214c9..cc104be4e8 100644
--- a/CONTRIBUTORS
+++ b/CONTRIBUTORS
@@ -300,6 +300,7 @@ Thank you!
     Leeann Bent <lbent@cs.ucsd.edu>
     Leonardo Taccari
     Leonid Evdokimov <leon@darkk.net.ru>
+    Liangliang Zhai <zhailiangliang@loongson.cn>
     libit <sambabug.lb@gmail.com>
     Lubos Uhliarik <luhliari@redhat.com>
     Luigi Gangitano <luigi@debian.org>
diff --git a/src/ConfigParser.cc b/src/ConfigParser.cc
index c65124ece6..0e405eb85a 100644
--- a/src/ConfigParser.cc
+++ b/src/ConfigParser.cc
@@ -181,7 +181,7 @@ ConfigParser::UnQuote(const char *token, const char **next)
     *d = '\0';
 
     // We are expecting a separator after quoted string, space or one of "()#"
-    if (*(s + 1) != '\0' && !strchr(w_space "()#", *(s + 1)) && !errorStr) {
+    if (!errorStr && *(s + 1) != '\0' && !strchr(w_space "()#", *(s + 1))) {
         errorStr = "Expecting space after the end of quoted token";
         errorPos = token;
     }