From aaf00d1f6f67a7e25b716306ad51ae762ebbfe3b Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Thu, 17 Jul 2008 04:51:59 -0600 Subject: [PATCH] Bug 2411: fakeauth_auth is crashing during NTLM auth A NULL abort test was missing from the Squid-3 version. --- helpers/ntlm_auth/fakeauth/fakeauth_auth.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c index e557d0d912..e30170a846 100755 --- a/helpers/ntlm_auth/fakeauth/fakeauth_auth.c +++ b/helpers/ntlm_auth/fakeauth/fakeauth_auth.c @@ -299,9 +299,12 @@ ntlmDecodeAuth(struct ntlm_authenticate *auth, char *buf, size_t size) buf += (s - 1); *buf++ = '\\'; /* Using \ is more consistent with MS-proxy */ - p = ntlmGetString(&auth->hdr, &auth->user, auth->flags); + if( (p = ntlmGetString(&auth->hdr, &auth->user, auth->flags)) == NULL) + return 1; + if ((s = strlen(p) + 1) >= size) return 1; + while (*p) *buf++ = (*p++); //tolower -- 2.47.2