From 0f0223e1a66000ca7e99ce832864d73b8a06bf7f Mon Sep 17 00:00:00 2001
From: joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845>
Date: Mon, 24 Sep 2018 10:44:40 +0000
Subject: * src/ne_request.c (ne_set_request_flag): Fix bounds check.

* test/request.c (safe_flags): Add regression test.


git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@2015 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
---
 src/ne_request.c |  2 +-
 test/request.c   | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/src/ne_request.c b/src/ne_request.c
index e28fcd4..7cb69a6 100644
--- a/src/ne_request.c
+++ b/src/ne_request.c
@@ -585,7 +585,7 @@ void ne_set_request_body_fd(ne_request *req, int fd,
 
 void ne_set_request_flag(ne_request *req, ne_request_flag flag, int value)
 {
-    if (flag < (ne_request_flag)NE_SESSFLAG_LAST) {
+    if (flag < (ne_request_flag)NE_REQFLAG_LAST) {
         req->flags[flag] = value;
     }
 }
diff --git a/test/request.c b/test/request.c
index 3444061..b0ef8c3 100644
--- a/test/request.c
+++ b/test/request.c
@@ -2358,6 +2358,21 @@ static int socks_fail(void)
     return await_server();
 }
 
+static int safe_flags(void)
+{
+    ne_session *sess = ne_session_create("http", "localhost", 80);
+    ne_request *req = ne_request_create(sess, "GET", "/");
+
+    ne_set_request_flag(req, NE_REQFLAG_LAST, 0xAAAAAAAA);
+
+    ONN("flags array bound check failed", ne_get_session(req) != sess);
+
+    ne_request_destroy(req);
+    ne_session_destroy(sess);
+
+    return OK;
+}
+
 /* TODO: test that ne_set_notifier(, NULL, NULL) DTRT too. */
 
 ne_test tests[] = {
@@ -2451,5 +2466,6 @@ ne_test tests[] = {
     T(socks_fail),
     T(fail_lookup),
     T(fail_double_lookup),
+    T(safe_flags),
     T(NULL)
 };
-- 
cgit v1.2.1