Handle NTLM helper returning OK without user= value

Prevent crash by treating this case as an error and failed
authentication

 Detected by Coverity Scan. Issue 1020656.

diff --git a/src/auth/ntlm/UserRequest.cc b/src/auth/ntlm/UserRequest.cc
index a7516be83a29c25e023a17beccbc6289bacd1b86..01300609eca3a6aec21e37a40bc28efbfc91ffa7 100644 (file)
--- a/src/auth/ntlm/UserRequest.cc
+++ b/src/auth/ntlm/UserRequest.cc
@@ -255,6 +255,13 @@ Auth::Ntlm::UserRequest::HandleReply(void *data, const HelperReply &reply)
     case HelperReply::Okay: {
         /* we're finished, release the helper */
         const char *userLabel = reply.notes.findFirst("user");
+        if (!userLabel) {
+            auth_user_request->user()->credentials(Auth::Failed);
+            safe_free(lm_request->server_blob);
+            lm_request->releaseAuthServer();
+            debugs(29, DBG_CRITICAL, "ERROR: NTLM Authentication helper returned no username. Result: " << reply);
+            break;
+        }
         auth_user_request->user()->username(userLabel);
         auth_user_request->denyMessage("Login successful");
         safe_free(lm_request->server_blob);