From: Jan Sievers <sievers@zedat.fu-berlin.de>
Date: Mon, 9 Sep 2013 01:25:12 +0000 (-0600)
Subject: Regression Bug 3077: off-by-one error in Digest header decoding
X-Git-Tag: SQUID_3_4_0_2~31
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=01e28e94868a3e119098b28171ac7235ab4c70ac;p=thirdparty%2Fsquid.git

Regression Bug 3077: off-by-one error in Digest header decoding

This is a regression in the 3.2 and later version of the original bug
fix patch.

The effect is that all attributes are treated as quoted-string values
with unescaping performed. This ends with credentials wrongly being
rejected as invalid.
---

diff --git a/src/auth/digest/auth_digest.cc b/src/auth/digest/auth_digest.cc
index a51ff5b6d1..f9609c842a 100644
--- a/src/auth/digest/auth_digest.cc
+++ b/src/auth/digest/auth_digest.cc
@@ -816,7 +816,7 @@ Auth::Digest::Config::decode(char const *proxy_auth)
             vlen = 0;
         }
 
-        StringArea keyName(item, nlen-1);
+        StringArea keyName(item, nlen);
         String value;
 
         if (vlen > 0) {