From: Christos Tsantilas <christos@chtsanti.net>
Date: Fri, 9 Aug 2019 04:18:37 +0000 (+0000)
Subject: Fix parsing of certificate validator responses (#452)
X-Git-Tag: SQUID_5_0_1~59
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=77da1d910443cae455b5764d8d768bd3870f45ed;p=thirdparty%2Fsquid.git

Fix parsing of certificate validator responses (#452)

If a certificate validator did not end its response with an end-of-line
or whitespace character, then Squid, while parsing the response,
accessed the bytes after the end of the buffer where the response is
stored.

This is a Measurement Factory project.
---

diff --git a/src/ssl/cert_validate_message.cc b/src/ssl/cert_validate_message.cc
index 3f250dd044..deec6518db 100644
--- a/src/ssl/cert_validate_message.cc
+++ b/src/ssl/cert_validate_message.cc
@@ -171,7 +171,7 @@ Ssl::CertValidationMsg::parseResponse(CertValidationResponse &resp, std::string
             return false;
         }
 
-        param = value + value_len +1;
+        param = value + value_len;
     }
 
     /*Run through parsed errors to check for errors*/