------------------------------------------------------------
revno: 11715
revision-id: squid3@treenet.co.nz-20121129111629-i146yp9xwb8ksuw3
parent: squid3@treenet.co.nz-20121129111532-5nj8mwy7tfhsx1wz
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.2
timestamp: Thu 2012-11-29 04:16:29 -0700
message:
  digest_ldap_auth: Fix crash on empty password
  
   Detected by Coverity Scan. Issue 740399
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20121129111629-i146yp9xwb8ksuw3
# target_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
#   /SQUID_3_2
# testament_sha1: 5dabeb4a1bfdceb9e19a03c729bf7d1f7c049601
# timestamp: 2012-11-29 11:21:58 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/branches\
#   /SQUID_3_2
# base_revision_id: squid3@treenet.co.nz-20121129111532-\
#   5nj8mwy7tfhsx1wz
# 
# Begin patch
=== modified file 'helpers/digest_auth/LDAP/ldap_backend.cc'
--- helpers/digest_auth/LDAP/ldap_backend.cc	2012-07-28 05:38:50 +0000
+++ helpers/digest_auth/LDAP/ldap_backend.cc	2012-11-29 11:16:29 +0000
@@ -263,7 +263,8 @@
             value = values;
             while (*value) {
                 if (encrpass) {
-                    if (strcmp(strtok(*value, delimiter), realm) == 0) {
+                    const char *t = strtok(*value, delimiter);
+                    if (t && strcmp(t, realm) == 0) {
                         password = strtok(NULL, delimiter);
                         break;
                     }