------------------------------------------------------------ revno: 12399 revision-id: squid3@treenet.co.nz-20121124021226-irs63csluyy4eh5f parent: squid3@treenet.co.nz-20121124021152-b4264tvx35qdve6n committer: Amos Jeffries branch nick: 3.3 timestamp: Fri 2012-11-23 19:12:26 -0700 message: libacl: polish and code fixes * removed several blocks of dead code and useless conditional checks * Improved handling of garbage config definitions for ACL random, max_conn * Initialized several uninitialized class members in ACL base class. Detected by Coverity Scan. Issues 740528, 740343, 740529, 740362, 434117, 740593, 740407. Possibly also resolves issue 740486. ------------------------------------------------------------ # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: squid3@treenet.co.nz-20121124021226-irs63csluyy4eh5f # target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # testament_sha1: 2b17e7a7fa21d30768bd3cd2f06de5ba0479f31c # timestamp: 2012-11-24 02:14:41 +0000 # source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3 # base_revision_id: squid3@treenet.co.nz-20121124021152-\ # b4264tvx35qdve6n # # Begin patch === modified file 'src/acl/Acl.cc' --- src/acl/Acl.cc 2012-09-04 09:10:20 +0000 +++ src/acl/Acl.cc 2012-11-24 02:12:26 +0000 @@ -80,7 +80,12 @@ return result; } -ACL::ACL () :cfgline(NULL) {} +ACL::ACL() : + cfgline(NULL), + next(NULL) +{ + *name = 0; +} bool ACL::valid () const { === modified file 'src/acl/Asn.cc' --- src/acl/Asn.cc 2012-09-19 17:16:56 +0000 +++ src/acl/Asn.cc 2012-11-24 02:12:26 +0000 @@ -509,8 +509,6 @@ data = data->next; delete prev; } - - delete data; } static int === modified file 'src/acl/Checklist.cc' --- src/acl/Checklist.cc 2012-09-01 14:38:36 +0000 +++ src/acl/Checklist.cc 2012-11-24 02:12:26 +0000 @@ -320,7 +320,8 @@ async_(false), finished_(false), allow_(ACCESS_DENIED), - state_(NullState::Instance()) + state_(NullState::Instance()), + checking_(false) { } === modified file 'src/acl/DestinationIp.cc' --- src/acl/DestinationIp.cc 2012-09-23 09:04:21 +0000 +++ src/acl/DestinationIp.cc 2012-11-24 02:12:26 +0000 @@ -54,8 +54,7 @@ // Bypass of browser same-origin access control in intercepted communication // To resolve this we will force DIRECT and only to the original client destination. // In which case, we also need this ACL to accurately match the destination - if (Config.onoff.client_dst_passthru && checklist->request && - (checklist->request->flags.intercepted || checklist->request->flags.spoofClientIp)) { + if (Config.onoff.client_dst_passthru && (checklist->request->flags.intercepted || checklist->request->flags.spoofClientIp)) { assert(checklist->conn() && checklist->conn()->clientConnection != NULL); return ACLIP::match(checklist->conn()->clientConnection->local); } === modified file 'src/acl/Ip.cc' --- src/acl/Ip.cc 2012-09-27 10:10:21 +0000 +++ src/acl/Ip.cc 2012-11-24 02:12:26 +0000 @@ -409,15 +409,6 @@ memset(&hints, 0, sizeof(struct addrinfo)); - if ( iptype != AF_UNSPEC ) { - hints.ai_flags |= AI_NUMERICHOST; - } - -#if 0 - if (Ip::EnableIpv6&IPV6_SPECIAL_V4MAPPING) - hints.ai_flags |= AI_V4MAPPED | AI_ALL; -#endif - int errcode = getaddrinfo(addr1,NULL,&hints,&hp); if (hp == NULL) { debugs(28, DBG_CRITICAL, "aclIpParseIpData: Bad host/IP: '" << addr1 << === modified file 'src/acl/MaxConnection.cc' --- src/acl/MaxConnection.cc 2012-09-04 09:10:20 +0000 +++ src/acl/MaxConnection.cc 2012-11-24 02:12:26 +0000 @@ -85,8 +85,15 @@ limit = (atoi (t)); /* suck out file contents */ - + // ignore comments + bool ignore = false; while ((t = strtokFile())) { + ignore |= (*t != '#'); + + if (ignore) + continue; + + debugs(89, DBG_CRITICAL, "WARNING: max_conn only accepts a single limit value."); limit = 0; } } === modified file 'src/acl/Random.cc' --- src/acl/Random.cc 2012-08-31 16:57:39 +0000 +++ src/acl/Random.cc 2012-11-24 02:12:26 +0000 @@ -72,6 +72,12 @@ return data == 0.0; } +bool +ACLRandom::valid() const +{ + return !empty(); +} + /*******************/ /* aclParseRandomList */ /*******************/ @@ -82,6 +88,9 @@ char bufa[256], bufb[256]; t = strtokFile(); + if (!t) + return; + debugs(28, 5, "aclParseRandomData: " << t); // seed random generator ... @@ -91,23 +100,23 @@ int a = xatoi(bufa); int b = xatoi(bufb); if (a == 0 || b == 0) { - debugs(28, DBG_CRITICAL, "aclParseRandomData: Bad Pattern: '" << t << "'"); - self_destruct(); + debugs(28, DBG_CRITICAL, "ERROR: ACL random with bad pattern: '" << t << "'"); + return; } else data = a / (double)(a+b); } else if (sscanf(t, "%[0-9]/%[0-9]", bufa, bufb) == 2) { int a = xatoi(bufa); int b = xatoi(bufb); if (a == 0 || b == 0) { - debugs(28, DBG_CRITICAL, "aclParseRandomData: Bad Pattern: '" << t << "'"); - self_destruct(); + debugs(28, DBG_CRITICAL, "ERROR: ACL random with bad pattern: '" << t << "'"); + return; } else data = (double) a / (double) b; } else if (sscanf(t, "0.%[0-9]", bufa) == 1) { data = atof(t); } else { - debugs(28, DBG_CRITICAL, "aclParseRandomData: Bad Pattern: '" << t << "'"); - self_destruct(); + debugs(28, DBG_CRITICAL, "ERROR: ACL random with bad pattern: '" << t << "'"); + return; } // save the exact input pattern. so we can display it later. === modified file 'src/acl/Random.h' --- src/acl/Random.h 2009-11-01 07:48:25 +0000 +++ src/acl/Random.h 2012-11-24 02:12:26 +0000 @@ -53,6 +53,7 @@ virtual int match(ACLChecklist *checklist); virtual wordlist *dump() const; virtual bool empty () const; + virtual bool valid() const; protected: static Prototype RegistryProtoype;