Source-Changes-HG archive


[src/trunk]: src/libexec/httpd properly handle ilen = 0 case, which could lea...



details:   https://anonhg.NetBSD.org/src/rev/0d198cde6cf9
branches:  trunk
changeset: 805261:0d198cde6cf9
user:      mrg <mrg%NetBSD.org@localhost>
date:      Fri Dec 26 19:48:52 2014 +0000

description:
properly handle ilen = 0 case, which could lead to array underflow.
pointed out by Maxime Villard.

diffstat:

 libexec/httpd/auth-bozo.c |  8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diffs (22 lines):

diff -r 426941f5cd3f -r 0d198cde6cf9 libexec/httpd/auth-bozo.c
--- a/libexec/httpd/auth-bozo.c Fri Dec 26 19:44:48 2014 +0000
+++ b/libexec/httpd/auth-bozo.c Fri Dec 26 19:48:52 2014 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: auth-bozo.c,v 1.14 2014/11/21 08:58:28 shm Exp $       */
+/*     $NetBSD: auth-bozo.c,v 1.15 2014/12/26 19:48:52 mrg Exp $       */
 
 /*     $eterna: auth-bozo.c,v 1.17 2011/11/18 09:21:15 mrg Exp $       */
 
@@ -238,6 +238,12 @@
        unsigned char *cp;
        size_t   i;
 
+       if (ilen == 0) {
+               if (olen)
+                       *out = '\0';
+               return 0;
+       }
+
        cp = out;
        for (i = 0; i < ilen; i += 4) {
                if (cp + 3 > out + olen)
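
Review bot: the new `if (ilen == 0)` guard at the top of the function carries no comment saying which later access underflows for an empty input, so the reason for the early return lives only in the commit message; a one-line comment above the guard naming that access would keep it from being dropped in a later cleanup. The guard also covers only the exact zero case, while the loop below advances with `i += 4`: if the body consumes four input bytes per iteration, an `ilen` that is not a multiple of 4 deserves the same scrutiny, and the visible lines do not show whether such lengths are rejected. Since the guard writes `*out = '\0'` and returns 0, it is worth confirming that callers treat a 0 return as an empty decode rather than as a failure.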


