BUG/MINOR: chunk: Fix function chunk_strcmp and chunk_strcasecmp match a substring.

They could match different strings as equal if the chunk was shorter
than the string. Those functions are currently only used for SSL's
certificate DN entry extract.

diff --git a/src/chunk.c b/src/chunk.c
index d7d8501d638101a49a130335e34fd0e2933e4270..3c1cfdffcbca647825e1479b0c0f74a5a4b157ff 100644 (file)
--- a/src/chunk.c
+++ b/src/chunk.c
@@ -207,8 +207,10 @@ int chunk_strcmp(const struct chunk *chk, const char *str)
        int diff = 0;
 
        do {
-               if (--len < 0)
+               if (--len < 0) {
+                       diff = (unsigned char)0 - (unsigned char)*str;
                        break;
+               }
                diff = (unsigned char)*(s1++) - (unsigned char)*(str++);
        } while (!diff);
        return diff;
@@ -225,8 +227,10 @@ int chunk_strcasecmp(const struct chunk *chk, const char *str)
        int diff = 0;
 
        do {
-               if (--len < 0)
+               if (--len < 0) {
+                       diff = (unsigned char)0 - (unsigned char)*str;
                        break;
+               }
                diff = (unsigned char)*s1 - (unsigned char)*str;
                if (unlikely(diff)) {
                        unsigned int l = (unsigned char)*s1;