From 1f38bdb3f63f3ce7422bedfe3a6e24c1619e9881 Mon Sep 17 00:00:00 2001
From: Willy Tarreau <w@1wt.eu>
Date: Mon, 8 Nov 2021 12:09:27 +0100
Subject: [PATCH] BUG/MINOR: cache: properly ignore unparsable max-age in
 quotes

When "max-age" or "s-maxage" receive their values in quotes, the pointer
to the integer to be parsed is advanced by one, but the error pointer
check doesn't consider this advanced offset, so it will not match a
parse error such as max-age="a" and will take the value zero instead.

This probably needs to be backported, though it's unsure it has any
effect in the real world.
---
 src/cache.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/cache.c b/src/cache.c
index 9c108ae53..287ff5325 100644
--- a/src/cache.c
+++ b/src/cache.c
@@ -783,7 +783,7 @@ int http_calc_maxage(struct stream *s, struct cache *cache, int *true_maxage)
 			chunk_memcat(chk, "", 1);
 			offset = (*chk->area == '"') ? 1 : 0;
 			smaxage = strtol(chk->area + offset, &endptr, 10);
-			if (unlikely(smaxage < 0 || endptr == chk->area))
+			if (unlikely(smaxage < 0 || endptr == chk->area + offset))
 				return -1;
 		}
 
@@ -795,7 +795,7 @@ int http_calc_maxage(struct stream *s, struct cache *cache, int *true_maxage)
 			chunk_memcat(chk, "", 1);
 			offset = (*chk->area == '"') ? 1 : 0;
 			maxage = strtol(chk->area + offset, &endptr, 10);
-			if (unlikely(maxage < 0 || endptr == chk->area))
+			if (unlikely(maxage < 0 || endptr == chk->area + offset))
 				return -1;
 		}
 	}