From: Jan Klemkow <j.klemkow@wemelug.de>
Date: Fri, 18 Nov 2011 11:31:04 +0000 (+1300)
Subject: Bug 3423: access violation in URL parser
X-Git-Tag: BumpSslServerFirst.take01~24
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5e245980a191eec39d0ad5cb2c5102689df23e03;p=thirdparty%2Fsquid.git

Bug 3423: access violation in URL parser
---

diff --git a/src/url.cc b/src/url.cc
index ee1ec393ab..54b7992886 100644
--- a/src/url.cc
+++ b/src/url.cc
@@ -250,8 +250,7 @@ urlParse(const HttpRequestMethod& method, char *url, HttpRequest *request)
         *dst = '\0';
 
         /* Then its :// */
-        /* (XXX yah, I'm not checking we've got enough data left before checking the array..) */
-        if (*src != ':' || *(src + 1) != '/' || *(src + 2) != '/')
+        if ((i+3) > l || *src != ':' || *(src + 1) != '/' || *(src + 2) != '/')
             return NULL;
         i += 3;
         src += 3;