Fix parsing of max-stale values in Surrogate-Control header

Skip parsing of the max-stale field when the initial max-age value
is not a valid integer value.

 Detected by Coverity Scan. Issue 740361

diff --git a/src/HttpHdrSc.cc b/src/HttpHdrSc.cc
index 8a720c4803206ee7bc4cd289e8802c0d76cf97f1..52dc243046fe25a9789fda899cca6f5d324d04b2 100644 (file)
--- a/src/HttpHdrSc.cc
+++ b/src/HttpHdrSc.cc
@@ -197,22 +197,23 @@ HttpHdrSc::parse(const String * str)
             int ma;
             if (p && httpHeaderParseInt(p, &ma)) {
                 sct->maxAge(ma);
+
+                if ((p = strchr (p, '+'))) {
+                    int ms;
+                    ++p; //skip the + char
+                    if (httpHeaderParseInt(p, &ms)) {
+                        sct->maxStale(ms);
+                    } else {
+                        debugs(90, 2, "sc: invalid max-stale specs near '" << item << "'");
+                        sct->clearMaxStale();
+                        /* leave the max-age alone */
+                    }
+                }
             } else {
                 debugs(90, 2, "sc: invalid max-age specs near '" << item << "'");
                 sct->clearMaxAge();
             }
 
-            if ((p = strchr (p, '+'))) {
-                int ms;
-                ++p; //skip the + char
-                if (httpHeaderParseInt(p, &ms)) {
-                    sct->maxStale(ms);
-                } else {
-                    debugs(90, 2, "sc: invalid max-stale specs near '" << item << "'");
-                    sct->clearMaxStale();
-                    /* leave the max-age alone */
-                }
-            }
             break;
         }