From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 13 Jul 2013 12:19:45 +0000 (+1200)
Subject: Better handling of strange port values in Host:
X-Git-Tag: SQUID_3_4_0_1~23
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=126e1dc0f41248c93b9aea46624a55de6b49a5ef;p=thirdparty%2Fsquid.git

Better handling of strange port values in Host:

We can do better than just producing errors about invalid port details
and treatign it as port-0.
We can instead undo the port separation and pass it through as part of
the host name to be verified with the default port number properly
assumed.
---

diff --git a/src/client_side_request.cc b/src/client_side_request.cc
index 092aa39fe7..7045cfbc7d 100644
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -633,8 +633,16 @@ ClientRequestContext::hostHeaderVerify()
     uint16_t port = 0;
     if (portStr) {
         *portStr = '\0'; // strip the ':'
-        if (*(++portStr) != '\0')
-            port = xatoi(portStr);
+        if (*(++portStr) != '\0') {
+            char *end = NULL;
+            int64_t ret = strtoll(portStr, &end, 10);
+            if (end == portStr || *end != '\0' || ret < 1 || ret > 0xFFFF) {
+                // invalid port details. Replace the ':'
+                *(--portStr) = ':';
+                portStr = NULL;
+            } else
+                port = (ret & 0xFFFF);
+        }
     }
 
     debugs(85, 3, HERE << "validate host=" << host << ", port=" << port << ", portStr=" << (portStr?portStr:"NULL"));