------------------------------------------------------------
revno: 13231
revision-id: squid3@treenet.co.nz-20140115012314-2op4njubystzambq
parent: squid3@treenet.co.nz-20140114212920-t6ze2zxzy8lw8muq
committer: Amos Jeffries
branch nick: trunk
timestamp: Wed 2014-01-15 14:23:14 +1300
message: Fix rfcnb library potential NULL pointer dereference Malformed RFCNB packet may lead to crash. Detected by Coverity Scan. Issue 740355.
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20140115012314-2op4njubystzambq
# target_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/
# testament_sha1: 380ab7131a5573f586a401a355b4b2dc9548a2ff
# timestamp: 2014-01-15 01:57:46 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/trunk/
# base_revision_id: squid3@treenet.co.nz-20140114212920-\
# t6ze2zxzy8lw8muq
#
# Begin patch
=== modified file 'lib/rfcnb/rfcnb-io.c'
--- lib/rfcnb/rfcnb-io.c 2013-09-29 20:14:10 +0000
+++ lib/rfcnb/rfcnb-io.c 2014-01-15 01:23:14 +0000
@@ -382,7 +382,7 @@
 offset = RFCNB_Pkt_Hdr_Len; /* Otherwise skip the header */
 }
- frag_len = pkt_frag->len;
+ frag_len = (pkt_frag ? pkt_frag->len : 0);
 if (more <= frag_len) /* If len left to get less than frag space */
 this_len = more; /* Get the rest ... */
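Review bot: Substituting 0 for the length on the new `frag_len = (pkt_frag ? pkt_frag->len : 0);` line removes this one dereference but lets the function carry on with a NULL `pkt_frag`. Since `more <= frag_len` then holds only when `more` is zero or negative, a packet with data still to read falls through to code outside this hunk. If that code reads into or walks `pkt_frag`, the crash from a malformed packet is only moved, not removed; this cannot be confirmed from the lines shown. Failing the call explicitly when `pkt_frag` is NULL, using the function's usual error return, would make the malformed-packet case a defined rejection rather than a zero-length read. If the zero-length fallback is intended, a comment such as `/* pkt_frag may be NULL for a malformed packet; nothing can be stored */` would record why.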