From: Amos Jeffries <squid3@treenet.co.nz>
Date: Mon, 26 Nov 2012 08:35:49 +0000 (-0700)
Subject: digest_file_auth: Improved error handling
X-Git-Tag: SQUID_3_2_4~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cb5d755034c07557ca8fb205f70175211acb6046;p=thirdparty%2Fsquid.git

digest_file_auth: Improved error handling

Adds missing error handling when pasword file fails to open for any
reason.

Skips records with missing username in password file.Displays an error
message instead of crashing.

 Detected by Coverity Scan. Issues 740400, 740401
---

diff --git a/helpers/digest_auth/file/text_backend.cc b/helpers/digest_auth/file/text_backend.cc
index eb499e69ae..507a1ea86c 100644
--- a/helpers/digest_auth/file/text_backend.cc
+++ b/helpers/digest_auth/file/text_backend.cc
@@ -56,7 +56,6 @@ my_free(void *p)
 static void
 read_passwd_file(const char *passwordFile, int isHa1Mode)
 {
-    FILE *f;
     char buf[8192];
     user_data *u;
     char *user;
@@ -73,12 +72,22 @@ read_passwd_file(const char *passwordFile, int isHa1Mode)
         fprintf(stderr, "digest_file_auth: cannot create hash table\n");
         exit(1);
     }
-    f = fopen(passwordFile, "r");
-    while (fgets(buf, 8192, f) != NULL) {
+    FILE *f = fopen(passwordFile, "r");
+    if (!f) {
+        fprintf(stderr, "digest_file_auth: cannot open password file: %s\n", xstrerror());
+        exit(1);
+    }
+    unsigned int lineCount = 0;
+    while (fgets(buf, sizeof(buf), f) != NULL) {
+        ++lineCount;
         if ((buf[0] == '#') || (buf[0] == ' ') || (buf[0] == '\t') ||
                 (buf[0] == '\n'))
             continue;
         user = strtok(buf, ":\n");
+        if (!user) {
+            fprintf(stderr, "digest_file_auth: missing user name at line %u in '%s'\n", lineCount, passwordFile);
+            continue;
+        }
         realm = strtok(NULL, ":\n");
         passwd = strtok(NULL, ":\n");
         if (!passwd) {