From: hno <>
Date: Sat, 4 Nov 2006 21:15:22 +0000 (+0000)
Subject: Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth()
X-Git-Tag: SQUID_3_0_PRE5~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=081cdbe32abd72c3bcdaeddae7859c75d477be52;p=thirdparty%2Fsquid.git

Bug #1817: Assertion failure assert(buflen >= copy_sz) in htcp.c htcpBuildAuth()

could trigger on certain oversized requests when using HTCP
---

diff --git a/src/htcp.cc b/src/htcp.cc
index ce1600d7d5..6763c2df02 100644
--- a/src/htcp.cc
+++ b/src/htcp.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: htcp.cc,v 1.70 2006/09/03 21:05:20 hno Exp $
+ * $Id: htcp.cc,v 1.71 2006/11/04 14:15:22 hno Exp $
  *
  * DEBUG: section 31    Hypertext Caching Protocol
  * AUTHOR: Duane Wesssels
@@ -340,7 +340,8 @@ htcpBuildAuth(char *buf, size_t buflen)
     assert(2 == sizeof(u_int16_t));
     auth.length = htons(2);
     copy_sz += 2;
-    assert(buflen >= copy_sz);
+    if (buflen < copy_sz)
+	return -1;
     xmemcpy(buf, &auth, copy_sz);
     return copy_sz;
 }