------------------------------------------------------------
revno: 12637
revision-id: squid3@treenet.co.nz-20131024152527-vj3nk892lvrk9t34
parent: squid3@treenet.co.nz-20131024152401-sf8gguj1o0j30lk8
author: Elmar Vonlanthen
committer: Amos Jeffries
branch nick: 3.3
timestamp: Thu 2013-10-24 09:25:27 -0600
message: libntlmauth: Fix string field truncation Count of field bytes must begin at 0. Otherwise the decoder truncates 1 byte from the string due to lstring initial state values. Also drop the lstring_zero(s) macro. It is only used in one place and calling it 'zero' obscures that length is non-zero for invalid state.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20131024152527-vj3nk892lvrk9t34
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.3
# testament_sha1: 4093264bd2a81ef4686e605d35c4bb873d897866
# timestamp: 2013-10-24 15:46:50 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.3
# base_revision_id: squid3@treenet.co.nz-20131024152401-\
# sf8gguj1o0j30lk8
#
# Begin patch
=== modified file 'lib/ntlmauth/ntlmauth.cc'
--- lib/ntlmauth/ntlmauth.cc 2012-09-01 14:38:36 +0000
+++ lib/ntlmauth/ntlmauth.cc 2013-10-24 15:25:27 +0000
@@ -99,8 +99,6 @@
 return NTLM_ERR_NONE;
 }
-#define lstring_zero(s) s.str=NULL; s.l=-1;
-
 /**
 * Fetches a string from the authentication packet.
 * The lstring data-part may point to inside the packet itself or a temporary static buffer.
@@ -119,7 +117,8 @@
 lstring rv;
 char *d;
- lstring_zero(rv);
+ rv.str = NULL;
+ rv.l = -1;
 l = le16toh(str->len);
 o = le32toh(str->offset);
@@ -130,6 +129,7 @@
 return rv;
 }
 rv.str = (char *)packet + o;
+ rv.l = 0;
 if ((flags & NTLM_NEGOTIATE_ASCII) == 0) {
 /* UNICODE string */
 unsigned short *s = (unsigned short *)rv.str;
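Review bot: The two assignments that replace `lstring_zero(rv)` in the second hunk leave the rejected-field contract undocumented: an early `return rv;` hands back `str == NULL` with `l == -1`, while an accepted field now starts counting from `l == 0`. A comment on the initialisation would make that explicit, for example `/* rejected-field state: callers must test rv.str == NULL or rv.l < 0 before using the result */`. The function signature and its validation branch lie outside this hunk, so it cannot be confirmed from here whether every caller already checks for the negative length before using it as a size.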
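Review bot: The `(unsigned short *)rv.str` cast in the UNICODE branch of the third hunk takes its address from `packet + o`, and `o` is read from the packet itself, so an odd offset would give a misaligned 16-bit read unless the range check above the hunk (not visible here) already rejects it. Copying each code unit with `memcpy` into a local `unsigned short`, or rejecting an odd `o` when `NTLM_NEGOTIATE_ASCII` is clear, would remove that dependence on a sender-controlled value. The added `rv.l = 0;` would also benefit from a short comment such as `/* field accepted: count decoded bytes from zero; -1 stays reserved for the rejected state */`. The rest of the branch continues past the end of the hunk.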