Comment 3 for bug 347815

Martin Olsson (mnemo) wrote :

"siege -te" is sufficient to crash it. I don't think "siege -ate" should invoke the time parsing at all, but it does.

I had a quick look at the code. This is not related to this bug but... The second if statement here is funny, this guy manages to malloc sub, leak it, strdup buffer and leak that as well. And casting size_t to int is a great practice.... not (length and start should be redeclared as size_t instead). I still use siege though because it's easier to use than httperf and so on, but the code...

substring(char *buffer, int start, int length)
{
  char *sub;
  sub = malloc (sizeof (char) * (length + 1));

  if ((length < 1) || (start < 0) || (start > (int)strlen (buffer)))
    return NULL;

  if ((int)strlen (buffer) < length){
    sub = (char*) strdup (buffer);
    return buffer;
  }
...

To fix the bug at hand, it's sufficient to add "if (x == 0) return;" right after the while loop in parse_time(), like this:

parse_time(char *p)
{
  size_t x = 0;
  my.time = my.secs = 0;
  while(ISDIGIT(p[x]))
    x++;
  if (x == 0)
    return;

Running "valgrind siege -te" still shows leaks though.
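
An added example, not part of the original comment and not siege's own code: one way to write substring() so that arguments are validated before anything is allocated, the sizes are size_t, and every return path hands back either NULL or a buffer the caller frees. The name substring_safe and the clamping behaviour (return what is available from start when length runs past the end) are assumptions, since the rest of the original function is not shown above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical leak-free variant of substring().
 * Assumption: the caller always owns and frees the returned buffer. */
char *substring_safe(const char *buffer, size_t start, size_t length)
{
  size_t len, avail;
  char *sub;

  if (buffer == NULL || length == 0)
    return NULL;

  len = strlen(buffer);
  if (start > len)              /* validate before allocating anything */
    return NULL;

  avail = len - start;          /* cannot underflow because start <= len */
  if (length > avail)
    length = avail;             /* clamp instead of reading past the NUL */

  sub = malloc(length + 1);     /* length <= len here, so +1 cannot wrap */
  if (sub == NULL)
    return NULL;

  memcpy(sub, buffer + start, length);
  sub[length] = '\0';
  return sub;                   /* single allocation, single owner */
}

int main(void)
{
  /* Constructed sample input: a time argument with a unit suffix. */
  char *digits = substring_safe("10m", 0, 2);
  if (digits != NULL) {
    printf("%s\n", digits);
    free(digits);
  }
  return 0;
}
```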