From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Wed, 5 Oct 2016 04:34:38 +0000 (-0600)
Subject: Avoid segfaults when debugging section 4 at level 9.
X-Git-Tag: SQUID_4_0_15~10
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3d4c0e37cf784e8dbeebec8f253deaf2dec36bed;p=thirdparty%2Fsquid.git

Avoid segfaults when debugging section 4 at level 9.

The bug was probably added in r11496. It was exposed by Valgrind's
"Conditional jump or move depends on uninitialised value(s)" error.
---

diff --git a/src/errorpage.cc b/src/errorpage.cc
index 3c06357fb5..88a0b62ce6 100644
--- a/src/errorpage.cc
+++ b/src/errorpage.cc
@@ -361,7 +361,6 @@ TemplateFile::loadFromFile(const char *path)
 bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &pos)
 {
     while (pos < hdr.size()) {
-        char *dt = lang;
 
         /* skip any initial whitespace. */
         while (pos < hdr.size() && xisspace(hdr[pos]))
@@ -375,6 +374,7 @@ bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &p
          *    with preference given to an exact match.
          */
         bool invalid_byte = false;
+        char *dt = lang;
         while (pos < hdr.size() && hdr[pos] != ';' && hdr[pos] != ',' && !xisspace(hdr[pos]) && dt < (lang + (langLen -1)) ) {
             if (!invalid_byte) {
 #if USE_HTTP_VIOLATIONS
@@ -394,7 +394,6 @@ bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &p
             ++pos;
         }
         *dt = '\0'; // nul-terminated the filename content string before system use.
-        ++dt;
 
         // if we terminated the tag on garbage or ';' we need to skip to the next ',' or end of header.
         while (pos < hdr.size() && hdr[pos] != ',')
@@ -403,7 +402,7 @@ bool strHdrAcptLangGetItem(const String &hdr, char *lang, int langLen, size_t &p
         if (pos < hdr.size() && hdr[pos] == ',')
             ++pos;
 
-        debugs(4, 9, HERE << "STATE: dt='" << dt << "', lang='" << lang << "', pos=" << pos << ", buf='" << ((pos < hdr.size()) ? hdr.substr(pos,hdr.size()) : "") << "'");
+        debugs(4, 9, "STATE: lang=" << lang << ", pos=" << pos << ", buf='" << ((pos < hdr.size()) ? hdr.substr(pos,hdr.size()) : "") << "'");
 
         /* if we found anything we might use, try it. */
         if (*lang != '\0' && !invalid_byte)