git.ipfire.org Git - thirdparty/squid.git/commit

Bug 5383: handleNegotiationResult() level-2 debugs() crash (#1856)

Writing a nil c-string to an std::ostream object results in undefined
behavior. When Security::IoResult::errorDescription is nil, that UB
leads to crashes for some STL implementations. These changes avoid UB
while making higher-level reporting code simpler and safer.

This change alters affected level-1 ERROR test lines a little, including
removing duplicated connection information from clientNegotiateSSL()
message (cache_log_message id=62). That duplication existed because
Squid reports the same Connection info automatically via CodeContext.

New WithExtras() mechanism may be useful for other "low-level debugging
and level-0/1 details for admins ought to differ" cases as well. Today,
the only known debugging context for Security::IoResult is
Security::PeerConnector::suspendNegotiation(), but that is likely to
change as we upgrade TLS callers to library-independent wrappers beyond
the current Security::Accept() and Security::Connect() pair.

author	Alex Rousskov <rousskov@measurement-factory.com>
	Sun, 3 Nov 2024 08:14:55 +0000 (08:14 +0000)
committer	Squid Anubis <squid-anubis@squid-cache.org>
	Tue, 5 Nov 2024 11:41:09 +0000 (11:41 +0000)
commit	fff4502b16fdc4941fa24b1eb429788286ecd106
tree	5cd2f796b505ff078188318b057c16258d063e13	tree
parent	0cc6c016adef89d3c2fff30c1ce69f6d7efe6f3d	commit \| diff

doc/debug-messages.dox		diff \| blob \| blame \| history
src/base/IoManip.h		diff \| blob \| blame \| history
src/client_side.cc		diff \| blob \| blame \| history
src/security/Io.cc		diff \| blob \| blame \| history
src/security/Io.h		diff \| blob \| blame \| history
src/security/PeerConnector.cc		diff \| blob \| blame \| history
src/tests/stub_libsecurity.cc		diff \| blob \| blame \| history