From: Amos Jeffries Date: Thu, 2 Oct 2008 11:37:19 +0000 (+1300) Subject: Coverity detected possible NULL dereference. X-Git-Tag: SQUID_3_1_0_1~45^2~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e77cac8b29092e2a4daf8c8888f05046d5e9f8a4;p=thirdparty%2Fsquid.git Coverity detected possible NULL dereference. KK message response with exactly zero-length encrypted data component will cause Squid fakeauth helper to crash. Not expected in normal operation. But maybe seen with specially crafted or rare mangled responses. --- diff --git a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c index e30170a846..18c75fc3bd 100644 --- a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c +++ b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c @@ -428,7 +428,10 @@ main(int argc, char *argv[]) } else SEND2("TT %s", data); } else if (strncasecmp(buf, "KK ", 3) == 0) { - if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) { + if(!decoded) { + SEND2("BH received KK with no data! user=%s", user); + } + else if (!ntlmCheckHeader((ntlmhdr *) decoded, NTLM_AUTHENTICATE)) { if (!ntlmDecodeAuth((struct ntlm_authenticate *) decoded, user, 256)) { lc(user); if (strip_domain_enabled) {