diff --git a/src/server/mux-parse.c b/src/server/mux-parse.c
index cf3bf83a78892a424622c9c1ebb4ccb0c5e38320..9b66ab9f5cc5c0ab88025065257d13ac0cafa3fd 100644
--- a/src/server/mux-parse.c
+++ b/src/server/mux-parse.c
@@ -85,6 +85,16 @@ mux_parse_string(Mux *mux,
switch ( mux->parse.string_parse_pos )
{
case 0:
+ if ( ( result->len != 0 || result->string != NULL) && err_cnt++ < 20 )
+ {
+ log ("mux_parse_string(): result->len == %lu, "
+ "result->string == %lu. This memory will not be free()'d.\n",
+ (u_long)result->len, (u_long)result->string);
+ *result = EMPTY_STRING;
+ if ( err_cnt == 20 )
+ log("Won't log the above warning no more.");
+ }
+
/* Get number and discard trailing 'H' */
mux_len = s_strtol(s_fsubstr(mux->parse.unparsed,
mux->parse.first_to_parse,
@@ -113,8 +123,10 @@ mux_parse_string(Mux *mux,
mux->parse.first_to_parse += 1 + hptr;
mux->parse.string_parse_pos = 1;
+ result->len = mux_len; /* +++ Transfer mux_len. */
/* Fall through */
case 1:
+ mux_len = result->len;
/* Check that the entire string is transmitted. */
/* (Don't care about the trailing part that will be skipped if the
* string is longer than maxlen) */
@@ -126,16 +138,8 @@ mux_parse_string(Mux *mux,
longjmp(mux_parse_env, MUX_MSG_INCOMPLETE);
}
- if ( ( result->len != 0 || result->string != NULL) && err_cnt++ < 20 )
- {
- log ("mux_parse_string(): result->len == %lu, "
- "result->string == %lu. This memory will not be free()'d.\n",
- (u_long)result->len, (u_long)result->string);
- *result = EMPTY_STRING;
- if ( err_cnt == 20 )
- log("Won't log the above warning no more.");
- }
-
+ *result = EMPTY_STRING;
+
s_mem_crea_str(result,
mux->parse.unparsed.string + mux->parse.first_to_parse,
truncated_len);
@@ -152,7 +156,7 @@ mux_parse_string(Mux *mux,
/* Was the string too long? If so, skip the truncated data. */
mux_len = result->len; /* +++ shouldn't modify ->len */
- truncated_len = min(maxlen+1, result->len);
+ truncated_len = min(maxlen+1, mux_len);
if ( mux_len > truncated_len )
{