From: Amos Jeffries <squid3@treenet.co.nz>
Date: Thu, 8 Jan 2015 22:47:22 +0000 (-0800)
Subject: ntlm_fake_auth: fix null pointer dereference
X-Git-Tag: merge-candidate-3-v1~365
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6bb77e978175d06c0dd435216b208ba98f568b9d;p=thirdparty%2Fsquid.git

ntlm_fake_auth: fix null pointer dereference

 Detected by Coverity Scan. Issue 1261433
---

diff --git a/helpers/ntlm_auth/fake/ntlm_fake_auth.cc b/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
index 06375d59b9..689775e893 100644
--- a/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
+++ b/helpers/ntlm_auth/fake/ntlm_fake_auth.cc
@@ -137,7 +137,6 @@ main(int argc, char *argv[])
     int decodedLen;
     char user[NTLM_MAX_FIELD_LENGTH], domain[NTLM_MAX_FIELD_LENGTH];
     char *p;
-    ntlmhdr *packet = NULL;
     char helper_command[3];
     int len;
 
@@ -157,6 +156,7 @@ main(int argc, char *argv[])
         if ((p = strchr(buf, '\n')) != NULL)
             *p = '\0';      /* strip \n */
         buflen = strlen(buf);   /* keep this so we only scan the buffer for \0 once per loop */
+        ntlmhdr *packet;
         struct base64_decode_ctx ctx;
         base64_decode_init(&ctx);
         size_t dstLen = 0;
@@ -182,7 +182,7 @@ main(int argc, char *argv[])
             char nonce[NTLM_NONCE_LEN];
             ntlm_challenge chal;
             ntlm_make_nonce(nonce);
-            if (buflen > 3) {
+            if (buflen > 3 && packet) {
                 ntlm_negotiate *nego = (ntlm_negotiate *)packet;
                 ntlm_make_challenge(&chal, authenticate_ntlm_domain, NULL, nonce, NTLM_NONCE_LEN, nego->flags);
             } else {