From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 2 Jan 2013 00:42:43 +0000 (-0700)
Subject: libacl: Fix various issues in ASN and random ACL types
X-Git-Tag: SQUID_3_4_0_1~400
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=726904adbd18bdca61300ac1ad377f10c56150b1;p=thirdparty%2Fsquid.git

libacl: Fix various issues in ASN and random ACL types

* replace malloc+memset pattern with calloc in ASN ACL.
  Highlighted by Coverity Scan, issue 434128.

* Log the even where ACL random is configured with no parameters.

* Improve detecton of negative values in random ACL.
  Detected by Coverity Scan, issue 740486.

NOTE: coverity issues which brought these to view require additional
fixes.
---

diff --git a/src/acl/Asn.cc b/src/acl/Asn.cc
index a9a0f4190b..f2ba623650 100644
--- a/src/acl/Asn.cc
+++ b/src/acl/Asn.cc
@@ -395,8 +395,6 @@ asStateFree(void *data)
 static int
 asnAddNet(char *as_string, int as_number)
 {
-    rtentry_t *e;
-
     struct squid_radix_node *rn;
     CbDataList<int> **Tail = NULL;
     CbDataList<int> *q = NULL;
@@ -430,9 +428,7 @@ asnAddNet(char *as_string, int as_number)
 
     debugs(53, 3, "asnAddNet: called for " << addr << "/" << mask );
 
-    e = (rtentry_t *)xmalloc(sizeof(rtentry_t));
-
-    memset(e, '\0', sizeof(rtentry_t));
+    rtentry_t *e = (rtentry_t *)xcalloc(1, sizeof(rtentry_t));
 
     e->e_addr.addr = addr;
 
diff --git a/src/acl/Random.cc b/src/acl/Random.cc
index 35353811d7..4c0ce97770 100644
--- a/src/acl/Random.cc
+++ b/src/acl/Random.cc
@@ -88,8 +88,10 @@ ACLRandom::parse()
     char bufa[256], bufb[256];
 
     t = strtokFile();
-    if (!t)
+    if (!t) {
+        debugs(28, DBG_PARSE_NOTE(DBG_IMPORTANT), "ACL random missing pattern");
         return;
+    }
 
     debugs(28, 5, "aclParseRandomData: " << t);
 
@@ -99,7 +101,7 @@ ACLRandom::parse()
     if (sscanf(t, "%[0-9]:%[0-9]", bufa, bufb) == 2) {
         int a = xatoi(bufa);
         int b = xatoi(bufb);
-        if (a == 0 || b == 0) {
+        if (a <= 0 || b <= 0) {
             debugs(28, DBG_CRITICAL, "ERROR: ACL random with bad pattern: '" << t << "'");
             return;
         } else
@@ -107,7 +109,7 @@ ACLRandom::parse()
     } else if (sscanf(t, "%[0-9]/%[0-9]", bufa, bufb) == 2) {
         int a = xatoi(bufa);
         int b = xatoi(bufb);
-        if (a == 0 || b == 0) {
+        if (a <= 0 || b <= 0) {
             debugs(28, DBG_CRITICAL, "ERROR: ACL random with bad pattern: '" << t << "'");
             return;
         } else