Fixed a SEGFAULT bug on redirections without Location

2 files changed, 21 insertions, 19 deletions

diff --git a/ChangeLog b/ChangeLog
index 6eb061b1..a4e7e3c1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -26,6 +26,7 @@ dillo-2.1
  - Added a right-click menu to the form submit button (allows to show hiddens).
  - Added the "http_language" dillorc option for setting HTTP's Accept-Language.
  - Refactored prefs.c to a much smaller size!
+ - Fixed a SEGFAULT bug on redirections without Location.
    Patches: place (AKA corvid)
 +- Switched SSL-enabled to configure.in (./configure --enable-ssl).
  - Standardised the installation of dpid/dpidrc with auto* tools.
diff --git a/src/cache.c b/src/cache.c
index f1d4cbf5..8d01c40e 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -642,7 +642,6 @@ static void Cache_parse_header(CacheEntry_t *entry)
 #ifndef DISABLE_COOKIES
    Dlist *Cookies;
 #endif
-   DilloUrl *location_url;
    Dlist *warnings;
    void *data;
    int i;
@@ -660,26 +659,28 @@ static void Cache_parse_header(CacheEntry_t *entry)
       }
       if (header[9] == '3' && header[10] == '0') {
          /* 30x: URL redirection */
-         entry->Flags |= CA_Redirect;
-         if (header[11] == '1')
-            entry->Flags |= CA_ForceRedirect;  /* 301 Moved Permanently */
-         else if (header[11] == '2')
-            entry->Flags |= CA_TempRedirect;   /* 302 Temporary Redirect */
+         if ((location_str = Cache_parse_field(header, "Location"))) {
+            DilloUrl *location_url;
+
+            entry->Flags |= CA_Redirect;
+            if (header[11] == '1')
+               entry->Flags |= CA_ForceRedirect;  /* 301 Moved Permanently */
+            else if (header[11] == '2')
+               entry->Flags |= CA_TempRedirect;   /* 302 Temporary Redirect */
    
-         location_str = Cache_parse_field(header, "Location");
-         location_url = a_Url_new(location_str, URL_STR_(entry->Url));
-         if (URL_FLAGS(location_url) & (URL_Post + URL_Get) &&
-             dStrcasecmp(URL_SCHEME(location_url), "dpi") == 0 &&
-             dStrcasecmp(URL_SCHEME(entry->Url), "dpi") != 0) {
-            /* Forbid dpi GET and POST from non dpi-generated urls */
-            MSG("Redirection Denied! '%s' -> '%s'\n",
-                URL_STR(entry->Url), URL_STR(location_url));
-            a_Url_free(location_url);
-         } else {
-            entry->Location = location_url;
+            location_url = a_Url_new(location_str, URL_STR_(entry->Url));
+            if (URL_FLAGS(location_url) & (URL_Post + URL_Get) &&
+                dStrcasecmp(URL_SCHEME(location_url), "dpi") == 0 &&
+                dStrcasecmp(URL_SCHEME(entry->Url), "dpi") != 0) {
+               /* Forbid dpi GET and POST from non dpi-generated urls */
+               MSG("Redirection Denied! '%s' -> '%s'\n",
+                   URL_STR(entry->Url), URL_STR(location_url));
+               a_Url_free(location_url);
+            } else {
+               entry->Location = location_url;
+            }
+            dFree(location_str);
          }
-         dFree(location_str);
-
       } else if (strncmp(header + 9, "401", 3) == 0) {
          entry->Auth =
             Cache_parse_multiple_fields(header, "WWW-Authenticate");