From 78bd4038d7d59228254e4ec33b80244d6b08936e Mon Sep 17 00:00:00 2001
From: Emeric Brun <ebrun@exceliance.fr>
Date: Fri, 9 May 2014 17:11:07 +0200
Subject: [PATCH] BUG/MINOR: chunk: Fix function chunk_strcmp and
 chunk_strcasecmp match a substring.

They could match different strings as equal if the chunk was shorter
than the string. Those functions are currently only used for SSL's
certificate DN entry extract.
---
 src/chunk.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/chunk.c b/src/chunk.c
index d7d8501d6..3c1cfdffc 100644
--- a/src/chunk.c
+++ b/src/chunk.c
@@ -207,8 +207,10 @@ int chunk_strcmp(const struct chunk *chk, const char *str)
 	int diff = 0;
 
 	do {
-		if (--len < 0)
+		if (--len < 0) {
+			diff = (unsigned char)0 - (unsigned char)*str;
 			break;
+		}
 		diff = (unsigned char)*(s1++) - (unsigned char)*(str++);
 	} while (!diff);
 	return diff;
@@ -225,8 +227,10 @@ int chunk_strcasecmp(const struct chunk *chk, const char *str)
 	int diff = 0;
 
 	do {
-		if (--len < 0)
+		if (--len < 0) {
+			diff = (unsigned char)0 - (unsigned char)*str;
 			break;
+		}
 		diff = (unsigned char)*s1 - (unsigned char)*str;
 		if (unlikely(diff)) {
 			unsigned int l = (unsigned char)*s1;