------------------------------------------------------------
revno: 12402
revision-id: squid3@treenet.co.nz-20121124033806-tcr2u52oosqguv57
parent: squid3@treenet.co.nz-20121124021756-0za3b7r7t3tloko1
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.3
timestamp: Fri 2012-11-23 20:38:06 -0700
message:
  digest_ldap_auth: Fix crash on empty password
  
   Detected by Coverity Scan. Issue 740399
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20121124033806-tcr2u52oosqguv57
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3
# testament_sha1: 83b932159a015daaa55d89ff56c1b838a87d440a
# timestamp: 2012-11-24 03:43:53 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3
# base_revision_id: squid3@treenet.co.nz-20121124021756-\
#   0za3b7r7t3tloko1
# 
# Begin patch
=== modified file 'helpers/digest_auth/LDAP/ldap_backend.cc'
--- helpers/digest_auth/LDAP/ldap_backend.cc	2012-08-28 13:00:30 +0000
+++ helpers/digest_auth/LDAP/ldap_backend.cc	2012-11-24 03:38:06 +0000
@@ -263,7 +263,8 @@
             value = values;
             while (*value) {
                 if (encrpass) {
-                    if (strcmp(strtok(*value, delimiter), realm) == 0) {
+                    const char *t = strtok(*value, delimiter);
+                    if (t && strcmp(t, realm) == 0) {
                         password = strtok(NULL, delimiter);
                         break;
                     }