From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Sun, 9 Oct 2016 12:36:16 +0000 (+1300)
Subject: Avoid segfaults when debugging section 4 at level 9.
X-Git-Tag: SQUID_3_5_22~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d5af35ff85637dd02cff028417a2b647ee68fcb6;p=thirdparty%2Fsquid.git

Avoid segfaults when debugging section 4 at level 9.

The bug was probably added in r11496. It was exposed by Valgrind's
"Conditional jump or move depends on uninitialised value(s)" error.
---

diff --git a/src/errorpage.cc b/src/errorpage.cc
index 26856b8b1c..ce0c320731 100644
--- a/src/errorpage.cc
+++ b/src/errorpage.cc
@@ -358,7 +358,6 @@ TemplateFile::loadFromFile(const char *path)
 bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &pos)
 {
     while (pos < hdr.size()) {
-        char *dt = lang;
 
         /* skip any initial whitespace. */
         while (pos < hdr.size() && xisspace(hdr[pos]))
@@ -372,6 +371,7 @@ bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &p
          *    with preference given to an exact match.
          */
         bool invalid_byte = false;
+        char *dt = lang;
         while (pos < hdr.size() && hdr[pos] != ';' && hdr[pos] != ',' && !xisspace(hdr[pos]) && dt < (lang + (langLen -1)) ) {
             if (!invalid_byte) {
 #if USE_HTTP_VIOLATIONS
@@ -391,7 +391,6 @@ bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &p
             ++pos;
         }
         *dt = '\0'; // nul-terminated the filename content string before system use.
-        ++dt;
 
         // if we terminated the tag on garbage or ';' we need to skip to the next ',' or end of header.
         while (pos < hdr.size() && hdr[pos] != ',')
@@ -400,7 +399,7 @@ bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &p
         if (pos < hdr.size() && hdr[pos] == ',')
             ++pos;
 
-        debugs(4, 9, HERE << "STATE: dt='" << dt << "', lang='" << lang << "', pos=" << pos << ", buf='" << ((pos < hdr.size()) ? hdr.substr(pos,hdr.size()) : "") << "'");
+        debugs(4, 9, "STATE: lang=" << lang << ", pos=" << pos << ", buf='" << ((pos < hdr.size()) ? hdr.substr(pos,hdr.size()) : "") << "'");
 
         /* if we found anything we might use, try it. */
         if (*lang != '\0' && !invalid_byte)