------------------------------------------------------------ revno: 12514 revision-id: squid3@treenet.co.nz-20130308020539-mzgexo065xh6uydw parent: squid3@treenet.co.nz-20130304201637-cbosvvgmoohxo8jv committer: Amos Jeffries branch nick: 3.3 timestamp: Thu 2013-03-07 19:05:39 -0700 message: Regression fix: Accept-Language header parse When handling error page negotiation the header parse to detect language code can enter into an infinite loop. Recover the 3.1 series behaviour and fix an additional pre-existing off-by-1 error. The errors were introduced in trunk rev.11496 in 3.2.0.9. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20130308020539-mzgexo065xh6uydw # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # testament_sha1: 318e0295c02d8bbd9da3c57937bb251c2fbd3206 # timestamp: 2013-03-08 02:07:10 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # base_revision_id: squid3@treenet.co.nz-20130304201637-\ # cbosvvgmoohxo8jv # # Begin patch === modified file 'src/errorpage.cc' --- src/errorpage.cc 2012-09-19 17:16:56 +0000 +++ src/errorpage.cc 2013-03-08 02:05:39 +0000 @@ -381,17 +381,9 @@ while (pos < hdr.size()) { char *dt = lang; - if (!pos) { - /* skip any initial whitespace. */ - while (pos < hdr.size() && xisspace(hdr[pos])) - ++pos; - } else { - // IFF we terminated the tag on whitespace or ';' we need to skip to the next ',' or end of header. - while (pos < hdr.size() && hdr[pos] != ',') - ++pos; - if (hdr[pos] == ',') - ++pos; - } + /* skip any initial whitespace. */ + while (pos < hdr.size() && xisspace(hdr[pos])) + ++pos; /* * Header value format: @@ -422,6 +414,13 @@ *dt = '\0'; // nul-terminated the filename content string before system use. ++dt; + // if we terminated the tag on garbage or ';' we need to skip to the next ',' or end of header. + while (pos < hdr.size() && hdr[pos] != ',') + ++pos; + + if (pos < hdr.size() && hdr[pos] == ',') + ++pos; + debugs(4, 9, HERE << "STATE: dt='" << dt << "', lang='" << lang << "', pos=" << pos << ", buf='" << ((pos < hdr.size()) ? hdr.substr(pos,hdr.size()) : "") << "'"); /* if we found anything we might use, try it. */