From: amosjeffries <> Date: Fri, 3 Aug 2007 07:57:30 +0000 (+0000) Subject: Add assert()'s to check for NULL pointers in NTLM auth. X-Git-Tag: SQUID_3_0_PRE7~114 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3a11f20d4ada71943911b86a87eefcfc489dbf36;p=thirdparty%2Fsquid.git Add assert()'s to check for NULL pointers in NTLM auth. Coverity checker picked up a number of cases where casting might (rarely) cause a NULL pointer and a dereference occured afterwards. This patch adds several assert statements to cause squid to abort at the source of these errors rather than segfault later. No code logic has been changed in any way. --- diff --git a/src/auth/ntlm/auth_ntlm.cc b/src/auth/ntlm/auth_ntlm.cc index e05b5998c8..7cfd741429 100644 --- a/src/auth/ntlm/auth_ntlm.cc +++ b/src/auth/ntlm/auth_ntlm.cc @@ -1,6 +1,6 @@ /* - * $Id: auth_ntlm.cc,v 1.72 2007/08/02 02:08:25 amosjeffries Exp $ + * $Id: auth_ntlm.cc,v 1.73 2007/08/03 01:57:30 amosjeffries Exp $ * * DEBUG: section 29 NTLM Authenticator * AUTHOR: Robert Collins, Henrik Nordstrom, Francesco Chemolli @@ -285,6 +285,8 @@ AuthNTLMConfig::fixHeader(AuthUserRequest *auth_user_request, HttpReply *rep, ht } else { ntlm_request = dynamic_cast(auth_user_request); + assert(ntlm_request != NULL); + switch (ntlm_request->auth_state) { case AUTHENTICATE_STATE_FAILED: @@ -362,6 +364,7 @@ authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) assert(auth_user_request != NULL); ntlm_request = dynamic_cast(auth_user_request); + assert(ntlm_request != NULL); assert(ntlm_request->waiting); ntlm_request->waiting = 0; safe_free(ntlm_request->client_blob); @@ -371,6 +374,8 @@ authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) assert(auth_user->auth_type == AUTH_NTLM); ntlm_user = dynamic_cast(auth_user_request->user()); + assert(ntlm_request != NULL); + if (ntlm_request->authserver == NULL) ntlm_request->authserver = static_cast(lastserver); else @@ -519,6 +524,7 @@ authenticateNTLMReleaseServer(AuthUserRequest * auth_user_request) * code-paths. Kinkie */ /* DPW 2007-05-07 * yes, it is possible */ + assert(ntlm_request != NULL); if (ntlm_request->authserver) { helperStatefulReleaseServer(ntlm_request->authserver); ntlm_request->authserver = NULL;