From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 13 Jul 2013 12:41:08 +0000 (-0600)
Subject: Better handling of strange port values in Host:
X-Git-Tag: SQUID_3_2_13~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f22c583e22eb746e412c5f8eda57e04cfcb85dde;p=thirdparty%2Fsquid.git

Better handling of strange port values in Host:

We can do better than just producing errors about invalid port details
and treating it as port-0.
We can instead undo the port separation and pass it through as part of
the host name to be verified with the default port number properly
assumed.
---

diff --git a/src/client_side_request.cc b/src/client_side_request.cc
index 8d8a43df49..a64c7dfeba 100644
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -641,8 +641,16 @@ ClientRequestContext::hostHeaderVerify()
     uint16_t port = 0;
     if (portStr) {
         *portStr = '\0'; // strip the ':'
-        if (*(++portStr) != '\0')
-            port = xatoi(portStr);
+        if (*(++portStr) != '\0') {
+            char *end = NULL;
+            int64_t ret = strtoll(portStr, &end, 10);
+            if (end == portStr || *end != '\0' || ret < 1 || ret > 0xFFFF) {
+                // invalid port details. Replace the ':'
+                *(--portStr) = ':';
+                portStr = NULL;
+            } else
+                port = (ret & 0xFFFF);
+        }
     }
 
     debugs(85, 3, HERE << "validate host=" << host << ", port=" << port << ", portStr=" << (portStr?portStr:"NULL"));