]> git.ipfire.org Git - thirdparty/squid.git/commit
projects / thirdparty / squid.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1137dfd) | patch
digest_edirectory_auth: improved error handling
authorAmos Jeffries <squid3@treenet.co.nz>
Wed, 14 Nov 2012 01:33:49 +0000 (18:33 -0700)
committerAmos Jeffries <squid3@treenet.co.nz>
Wed, 14 Nov 2012 01:33:49 +0000 (18:33 -0700)
commitf7f2e2d6e59e49b8d0f144dfb335f6ece00d8042
tree0e2612859ab7c1912827808a092edfc524771229tree | snapshot
parent1137dfd5497b272284accca8fd2953eb9985c77bcommit | diff
digest_edirectory_auth: improved error handling

Malicious response from LDAP server can cause squid helper to crash.

Missing realm value returned from LDAP without error/missing value being
indicated in the response can lead to strcmp() using a NULL pointer.
 Extremely unlikely to happen in practice, but worth fixing.

 Detected by Coverity Scan. Issue 740399
helpers/digest_auth/eDirectory/ldap_backend.cc diff | blob | blame | history
Mirror of https://github.com/squid-cache/squid.git