From: Amos Jeffries <squid3@treenet.co.nz>
Date: Wed, 8 Oct 2008 05:15:31 +0000 (+1300)
Subject: Fix: Coverity detected possible NULL dereference.
X-Git-Tag: SQUID_3_0_STABLE10~7
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6c6bc7b9cae497f65f98fc96697b2042128f0745;p=thirdparty%2Fsquid.git

Fix: Coverity detected possible NULL dereference.

KK message response with exactly zero-length encrypted data component
will cause Squid fakeauth helper to crash.

Not expected in normal operation. But maybe seen with specially crafted
or rare mangled responses.
---

diff --git a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
index e30170a846..18c75fc3bd 100755
--- a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
+++ b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c
@@ -428,7 +428,10 @@ main(int argc, char *argv[])
 	    } else
 		SEND2("TT %s", data);
 	} else if (strncasecmp(buf, "KK ", 3) == 0) {
-	    if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) {
+            if(!decoded) {
+                SEND2("BH received KK with no data! user=%s", user);
+            }
+	    else if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) {
 		if (!ntlmDecodeAuth((struct ntlm_authenticate *) decoded, user, 256)) {
 		    lc(user);
 		    if (strip_domain_enabled) {