From: amosjeffries <>
Date: Thu, 24 Jan 2008 03:51:16 +0000 (+0000)
Subject: Protect String::limitInit() against empty strings.
X-Git-Tag: BASIC_TPROXY4~150
X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=4fbc2a54bc1c473a1dfd5db67db8eb88a322fbe5;p=thirdparty%2Fsquid.git

Protect String::limitInit() against empty strings.

Is being caleld at least once in squid3 with a NULL ptr and 0 length.
This patch prevents memory allocation on 0 length and a will continue
to assert if a NULL pointer is given with a length.
(We may want to re-think that later)
---

diff --git a/src/String.cc b/src/String.cc
index 7dc48a694c..63e8389da9 100644
--- a/src/String.cc
+++ b/src/String.cc
@@ -1,6 +1,6 @@
 
 /*
- * $Id: String.cc,v 1.28 2008/01/23 19:24:14 rousskov Exp $
+ * $Id: String.cc,v 1.29 2008/01/23 20:51:16 amosjeffries Exp $
  *
  * DEBUG: section 67    String
  * AUTHOR: Duane Wessels
@@ -109,7 +109,12 @@ void
 String::limitInit(const char *str, int len)
 {
     PROF_start(StringLimitInit);
-    assert(this && str);
+    if(len < 1) {
+        clean();
+        return;
+    }
+
+    assert(this && str && len > 0);
     initBuf(len + 1);
     len_ = len;
     xmemcpy(buf_, str, len);