code: avoid potential crash on non-conformant literal IPv6 adresses

in oidc_util_current_url_host

Signed-off-by: Hans Zandbelt <[email protected]>

Author: zandbelt

ChangeLog

@@ -4,6 +4,7 @@
 - code: declare memcache members as int so they can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: declare introspection_endpoint_method member as int so it can be set to OIDC_CONFIG_POS_INT_UNSET without warning
 - code: check return value of oidc_get_provider_from_session and oidc_refresh_token_grant in logout.c
+- code: avoid potential crash on non-conformant literal IPv6 adresses in oidc_util_current_url_host
 
 12/15/2024
 - add Coverity Github action

src/util.c

@@ -767,7 +767,6 @@ static const char *oidc_get_current_url_port(const request_rec *r, const char *s
 const char *oidc_util_current_url_host(request_rec *r, oidc_hdr_x_forwarded_t x_forwarded_headers) {
 	const char *host_str = NULL;
 	char *p = NULL;
-	char *i = NULL;
 
 	if (x_forwarded_headers & OIDC_HDR_FORWARDED)
 		host_str = oidc_http_hdr_forwarded_get(r, "host");
@@ -780,8 +779,9 @@ const char *oidc_util_current_url_host(request_rec *r, oidc_hdr_x_forwarded_t x_
 		host_str = apr_pstrdup(r->pool, host_str);
 
 		if (host_str[0] == '[') {
-			i = strchr(host_str, ']');
-			p = strchr(i, OIDC_CHAR_COLON);
+			p = strchr(host_str, ']');
+			if (p)
+				p = strchr(p, OIDC_CHAR_COLON);
 		} else {
 			p = strchr(host_str, OIDC_CHAR_COLON);
 		}
@@ -792,6 +792,7 @@ const char *oidc_util_current_url_host(request_rec *r, oidc_hdr_x_forwarded_t x_
 		/* no Host header, HTTP 1.0 */
 		host_str = ap_get_server_name(r);
 	}
+
 	return host_str;
 }