From: Joshua Rogers
Date: Sat, 25 Oct 2025 08:42:26 +0000 (+0000)
Subject: Quit NTLM authenticate() on missing NTLM authorization header (#2216)
X-Git-Tag: SQUID_7_3~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f449f79b231cdc48a73299eb09065fe7cab1dd6b;p=thirdparty%2Fsquid.git
Quit NTLM authenticate() on missing NTLM authorization header (#2216)
Previously, various null-pointer dereferences, UAFs, and so on occurred.
---
diff --git a/src/auth/ntlm/UserRequest.cc b/src/auth/ntlm/UserRequest.cc
index 378061e453..7cd914d47c 100644
--- a/src/auth/ntlm/UserRequest.cc
+++ b/src/auth/ntlm/UserRequest.cc
@@ -186,20 +186,23 @@ Auth::Ntlm::UserRequest::authenticate(HttpRequest * aRequest, ConnStateData * co
 /* get header */
 const char *proxy_auth = aRequest->header.getStr(type);
+ /* if proxy_auth is actually NULL, we'd better not manipulate it. */
+ if (!proxy_auth) {
+ debugs(29, 4, "WARNING: NTLM Authentication missing authorization header");
+ return;
+ }
+
 /* locate second word */
 const char *blob = proxy_auth;
- /* if proxy_auth is actually NULL, we'd better not manipulate it. */
- if (blob) {
- while (xisspace(*blob) && *blob)
- ++blob;
+ while (xisspace(*blob) && *blob)
+ ++blob;
- while (!xisspace(*blob) && *blob)
- ++blob;
+ while (!xisspace(*blob) && *blob)
+ ++blob;
- while (xisspace(*blob) && *blob)
- ++blob;
- }
+ while (xisspace(*blob) && *blob)
+ ++blob;
 switch (user()->credentials()) {
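Review bot: The early return added at `if (!proxy_auth)` leaves authenticate() before `switch (user()->credentials())` and, as far as this hunk shows, without changing any credential or request state, so whether a request with no NTLM header ends up treated as unauthenticated depends on the caller, which is not visible here. Because the function returns void, I would state that contract next to the `return;`, for example `/* no header: credentials() is left unchanged, so the caller still sees this request as not authenticated */`, after confirming it holds for every state credentials() can be in at this point. The message is tagged `WARNING:` but logged at debug level 4; if the low level is deliberate so that a client cannot flood the log, dropping the `WARNING:` prefix would make that intent clearer. authenticate()'s body starts and ends outside the hunk.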