rafaelsteil/libcgi

segfault in slist_item() when value is NULL

LeSpocky opened this issue · 1 comment

In slist_add() there's no check on the contents of item->name or item->value, so items with name or value set to NULL can be added to the list.

The functions slist_delete() and slist_item() access item->name which would cause a segfault if name is set to NULL.

Additionally, in slist_item() item->value is also accessed and can be NULL, here:

return (!begin->value[0] ? NULL : begin->value);

While libcgi does not add items with empty names by itself, it may add items with empty values. For example on POST requests with empty text boxes a QUERY_STRING can be like this:

foo=&bar=baz

The segfault happens in the above-mentioned line in slist_item(), if the list is then accessed via cgi_param( "foo" ) 💥

I suggest we allow the value to be set to NULL and return NULL in slist_item() in this case.

The question remains if we should also allow adding items with empty name in slist_add(), but that's the subject of another topic. 😉

Currently slist_item() returns NULL on an empty string aka if the first byte of item->value is the null termination of the string. People maybe rely on this, so we should not break it, although it would be possible and maybe more intuitive to return a pointer to the empty string.
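The following is an added, self-contained illustration of the fix proposed in this issue; it is not libcgi's own code. The struct `formvars` and the functions `hardened_slist_add()`, `hardened_slist_item()` and `parse_query_string()` are stand-ins invented here (libcgi's real field and function names may differ). It shows the two defensive checks the report asks for: a node with a NULL name is never dereferenced during lookup, and a NULL value is treated the same way as an empty string, so `foo=&bar=baz` no longer crashes when `foo` is looked up.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for libcgi's list node (field names assumed). */
typedef struct formvars {
    char *name;
    char *value;             /* may be NULL once NULL values are allowed */
    struct formvars *next;
} formvars;

/* Copy n bytes of s into a fresh NUL-terminated string. */
static char *dup_range(const char *s, size_t n)
{
    char *d = malloc(n + 1);
    if (d == NULL)
        return NULL;
    memcpy(d, s, n);
    d[n] = '\0';
    return d;
}

/* Append a node; takes ownership of name/value. A NULL name is rejected,
 * because every lookup compares on it; an empty name is deliberately
 * still accepted here, as the issue leaves that question open. */
int hardened_slist_add(formvars **head, char *name, char *value)
{
    if (name == NULL) {
        free(value);
        return -1;
    }
    formvars *item = calloc(1, sizeof *item);
    if (item == NULL) {
        free(name);
        free(value);
        return -1;
    }
    item->name = name;
    item->value = value;
    if (*head == NULL) {
        *head = item;
    } else {
        formvars *t = *head;
        while (t->next != NULL)
            t = t->next;
        t->next = item;
    }
    return 0;
}

/* Lookup that cannot dereference NULL: nodes without a name are skipped,
 * and a NULL value is reported as NULL, exactly like an empty string
 * (keeping the existing "empty string returns NULL" behaviour). */
char *hardened_slist_item(const char *name, formvars *head)
{
    for (formvars *it = head; it != NULL; it = it->next) {
        if (it->name == NULL || strcmp(it->name, name) != 0)
            continue;
        if (it->value == NULL || it->value[0] == '\0')
            return NULL;
        return it->value;
    }
    return NULL;
}

/* Minimal "name=value&name2=value2" splitter (no URL decoding).
 * "foo=" yields an empty value, a bare "flag" yields a NULL value. */
formvars *parse_query_string(const char *qs)
{
    formvars *head = NULL;
    const char *p = qs;
    while (p != NULL && *p != '\0') {
        const char *end = strchr(p, '&');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        const char *eq = memchr(p, '=', len);
        char *name, *value;
        if (eq != NULL) {
            name = dup_range(p, (size_t)(eq - p));
            value = dup_range(eq + 1, len - (size_t)(eq - p) - 1);
        } else {
            name = dup_range(p, len);
            value = NULL;
        }
        hardened_slist_add(&head, name, value);
        p = end ? end + 1 : NULL;
    }
    return head;
}

void slist_free(formvars *head)
{
    while (head != NULL) {
        formvars *next = head->next;
        free(head->name);
        free(head->value);
        free(head);
        head = next;
    }
}

int main(void)
{
    /* Constructed sample QUERY_STRING from the report, plus a bare key. */
    formvars *list = parse_query_string("foo=&bar=baz&flag");
    const char *foo = hardened_slist_item("foo", list);
    const char *bar = hardened_slist_item("bar", list);
    printf("foo -> %s, bar -> %s\n", foo ? foo : "(NULL)", bar ? bar : "(NULL)");
    slist_free(list);
    return 0;
}
```

The lookup keeps the documented contract (empty value returns NULL) and simply extends it to a NULL value, so callers relying on the current behaviour see no change; only the crash goes away.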