code: avoid potential crash on non-conformant literal IPv6 adresses

in oidc_util_current_url_host Signed-off-by: Hans Zandbelt <[email protected]>
OpenIDC · Dec 16, 2024 · c06ebff · c06ebff
1 parent 74db443
commit c06ebff
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 3 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -4,6 +4,7 @@
 - code: declare memcache members as int so they can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: declare introspection_endpoint_method member as int so it can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: check return value of oidc_get_provider_from_session and oidc_refresh_token_grant in logout.c
+- code: avoid potential crash on non-conformant literal IPv6 adresses in oidc_util_current_url_host
 
 12/15/2024
 - add Coverity Github action

diff --git a/src/util.c b/src/util.c
@@ -767,7 +767,6 @@ static const char *oidc_get_current_url_port(const request_rec *r, const char *s
 const char *oidc_util_current_url_host(request_rec *r, oidc_hdr_x_forwarded_t x_forwarded_headers) {
 	const char *host_str = NULL;
 	char *p = NULL;
-	char *i = NULL;
 
 	if (x_forwarded_headers & OIDC_HDR_FORWARDED)
 		host_str = oidc_http_hdr_forwarded_get(r, "host");
@@ -780,8 +779,9 @@ const char *oidc_util_current_url_host(request_rec *r, oidc_hdr_x_forwarded_t x_
 		host_str = apr_pstrdup(r->pool, host_str);
 
 		if (host_str[0] == '[') {
-			i = strchr(host_str, ']');
-			p = strchr(i, OIDC_CHAR_COLON);
+			p = strchr(host_str, ']');
+			if (p)
+				p = strchr(p, OIDC_CHAR_COLON);
 		} else {
 			p = strchr(host_str, OIDC_CHAR_COLON);
 		}
@@ -792,6 +792,7 @@ const char *oidc_util_current_url_host(request_rec *r, oidc_hdr_x_forwarded_t x_
 		/* no Host header, HTTP 1.0 */
 		host_str = ap_get_server_name(r);
 	}
+
 	return host_str;
 }