[mod_cml_lua] fix null pointer dereference

a local lua script could trigger it by not sending any files and not
  setting a last-modified header, leading to zero mtime and a buffer
  ptr = NULL which was used in http_response_handle_cachable

From: Stefan Bühler <stbuehler@web.de>

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2951 152afb58-edef-0310-8abb-c4023f1b3aa9

NEWS

@@ -15,6 +15,7 @@ NEWS
   * [buffer] fix length check in buffer_is_equal_right_len
   * fix resource leaks in error cases on config parsing and other initializations
   * add force_assert() to enforce assertions as simple assert()s are disabled by -DNDEBUG (fixes #2546)
+  * [mod_cml_lua] fix null pointer dereference
 
 - 1.4.34
   * [mod_auth] explicitly link ssl for SHA1 (fixes #2517)

src/mod_cml_lua.c

@@ -398,26 +398,22 @@ int cache_parse_lua(server *srv, connection *con, plugin_data *p, buffer *fn) {
 			con->file_finished = 1;
 
 			ds = (data_string *)array_get_element(con->response.headers, "Last-Modified");
+			if (0 == mtime) mtime = time(NULL); /* default last-modified to now */
 
 			/* no Last-Modified specified */
-			if ((mtime) && (NULL == ds)) {
+			if (NULL == ds) {
 
 				strftime(timebuf, sizeof(timebuf), "%a, %d %b %Y %H:%M:%S GMT", gmtime(&mtime));
 
 				response_header_overwrite(srv, con, CONST_STR_LEN("Last-Modified"), timebuf, sizeof(timebuf) - 1);
 
-
 				tbuf.ptr = timebuf;
 				tbuf.used = sizeof(timebuf);
 				tbuf.size = sizeof(timebuf);
-			} else if (ds) {
+			} else {
 				tbuf.ptr = ds->value->ptr;
 				tbuf.used = ds->value->used;
 				tbuf.size = ds->value->size;
-			} else {
-				tbuf.size = 0;
-				tbuf.used = 0;
-				tbuf.ptr = NULL;
 			}
 
 			if (HANDLER_FINISHED == http_response_handle_cachable(srv, con, &tbuf)) {