[BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2 Recent "struct chunk rework" introduced a NULL pointer dereference and now haproxy segfaults if auth is required for stats but not found. The reason is that size_t cannot store negative values, but current code assumes that "len < 0" == uninitialized. This patch fixes it.

commit: 6f61b215247ed87371c551fc09457bfdb8b72ddc [log] [tgz]
author: Krzysztof Piotr Oledzki <ole@ans.pl> Sun Oct 04 23:34:15 2009 +0200
committer: Willy Tarreau <w@1wt.eu> Sun Oct 04 23:44:45 2009 +0200
tree: b3a6376dcbdf252a341a754a547df7315286b098
parent: ac68c5d92c5cb42b2e2630731eb2faad92c83e72 [diff] [blame]
diff --git a/src/proto_http.c b/src/proto_http.c
index 4638d09..8698594 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c

@@ -4596,8 +4596,7 @@
 			int len = txn->hdr_idx.v[cur_idx].len;
 			if (len > 14 &&
 			    !strncasecmp("Authorization:", h, 14)) {
-				txn->auth_hdr.str = h;
-				txn->auth_hdr.len = len;
+				chunk_initlen(&txn->auth_hdr, h, 0, len);
 				break;
 			}
 			h += len + txn->hdr_idx.v[cur_idx].cr + 1;
commit	6f61b215247ed87371c551fc09457bfdb8b72ddc	[log] [tgz]
author	Krzysztof Piotr Oledzki <ole@ans.pl>	Sun Oct 04 23:34:15 2009 +0200
committer	Willy Tarreau <w@1wt.eu>	Sun Oct 04 23:44:45 2009 +0200
tree	b3a6376dcbdf252a341a754a547df7315286b098
parent	ac68c5d92c5cb42b2e2630731eb2faad92c83e72 [diff] [blame]