lp:squid

Author: Alex Rousskov
Author Date: 2024-05-03 02:00:08 UTC

Bug 5322: Do not leak HttpReply when checking http_reply_access (#1764)

... as well as response_delay_pool and send_hit directives.

    auto check = clientAclChecklistCreate(...); // sets check->reply
    check->reply = reply; // self-assignment does nothing
    HTTPMSGLOCK(check->reply); // an unwanted/extra lock

When ACLFilledChecklist::reply is already set to X, resetting it to X
should not change HttpReply lock count, but some manual locking code did
not check that "already set" precondition and over-locked reply objects
set to ClientHttpRequest::al::reply by clientAclChecklistFill().

Current known leaks were probably introduced in 2021 commit e227da8 that
started supplying HttpReply to ACLChecklist in clientAclChecklistFill().
The added code locked the reply object correctly, but it was
incompatible with unconditional manual locks in three existing indirect
clientAclChecklistFill() callers (calling clientAclChecklistCreate()).

This change removes all known similar leaks and improves
ACLFilledChecklist API to prevent future similar leaks.

Author: Francesco Chemolli
Author Date: 2024-05-02 00:56:41 UTC

Optimization: clientStreamInit() copied ClientStreamData (#1801)

Detected by Coverity. CID 1529543 and CID 1529594: Unnecessary object
copies can affect performance (COPY_INSTEAD_OF_MOVE).

Author: Francesco Chemolli
Author Date: 2024-04-08 05:02:07 UTC

v6.9

Author: Amos Jeffries
Author Date: 2024-02-23 21:12:23 UTC

Documentation: Update Programming Guide title (#1699)

Author: Francesco Chemolli
Author Date: 2024-02-13 11:10:12 UTC

include header across the board

Author: Andreas Weigel
Author Date: 2023-11-14 15:17:09 UTC

FTP: Ignore credentials with a NUL-prefixed username (#1557)

    FATAL: FTP login parsing destroyed username info

This bug was discovered and detailed by Joshua Rogers at
https://megamansec.github.io/Squid-Security-Audit/ftp-fatal.html
where it was filed as "FTP Authentication Crash".

Author: SquidAdm
Author Date: 2023-10-11 08:52:08 UTC

typo fix

Author: Amos Jeffries
Author Date: 2022-08-09 23:34:54 UTC

Bug 3193 pt2: NTLM decoder truncating strings (#1114)

The initial bug fix overlooked large 'offset' causing integer
wrap to extract a too-short length string.

Improve debugs and checks sequence to clarify cases and ensure
that all are handled correctly.

Author: Armin Wolfermann
Author Date: 2020-02-04 20:15:00 UTC

fix security patch

Author: Francesco Chemolli
Author Date: 2018-10-21 13:06:33 UTC

Mingw build fixes

There are type errors and data access errors in windows-specific bits of
code.

Author: Garri Djavadyan
Author Date: 2016-12-17 13:56:49 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 12:59:41 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Garri Djavadyan
Author Date: 2016-12-17 10:04:42 UTC

Bug 4169: HIT marked as MISS when If-None-Match does not match

Author: Amos Jeffries
Author Date: 2016-12-17 06:37:44 UTC

Do not override user defined -std option

Author: Source Maintenance
Author Date: 2015-04-23 13:02:10 UTC

Docs: Update CONTRIBUTORS

Author: Amos Jeffries
Author Date: 2012-08-08 08:16:36 UTC

merged from trunk

Author: serassio <>
Author Date: 2008-03-02 23:54:50 UTC

Windows port: Add reconfigure action to cachemgr.

Author: robertc <>
Author Date: 2002-10-24 20:53:10 UTC

cbdata debug history