From: Amos Jeffries <amosjeffries@squid-cache.org>
Date: Mon, 6 Oct 2008 11:34:25 +0000 (-0600)
Subject: Coverity detected. inconsistent error detection on StoreIOBUffer
X-Git-Tag: SQUID_3_0_STABLE10~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02dd5cb79db015f715e2d64917db75cadde2bc64;p=thirdparty%2Fsquid.git

Coverity detected. inconsistent error detection on StoreIOBUffer

Audit reveals only one of several callers which might set negative length
state were checking for it and setting error flag properly.

Makes more sense for the StoreIOBuffer constructor to do its own
error state detection with information than to offload on callers.
---

diff --git a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
index e30170a846..18c75fc3bd 100755
--- a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
+++ b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
@@ -428,7 +428,10 @@ main(int argc, char *argv[])
 	    } else
 		SEND2("TT %s", data);
 	} else if (strncasecmp(buf, "KK ", 3) == 0) {
-	    if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) {
+            if(!decoded) {
+                SEND2("BH received KK with no data! user=%s", user);
+            }
+	    else if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) {
 		if (!ntlmDecodeAuth((struct ntlm_authenticate *) decoded, user, 256)) {
 		    lc(user);
 		    if (strip_domain_enabled) {