]> git.ipfire.org Git - thirdparty/squid.git/commitdiff
projects / thirdparty / squid.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 45a6b2c)
Bug 4465: Header forgery detection leads to crash
authorAlex Rousskov <rousskov@measurement-factory.com>
Sat, 9 Apr 2016 15:35:34 +0000 (03:35 +1200)
committerAmos Jeffries <squid3@treenet.co.nz>
Sat, 9 Apr 2016 15:35:34 +0000 (03:35 +1200)
src/client_side_request.cc patch | blob | blame | history

diff --git a/src/client_side_request.cc b/src/client_side_request.cc
index df18d5e51a6bb9228b10ae56cd711958743850cd..9c7254d71798019c77eece1a454e5072b03614c0 100644 (file)
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -574,7 +574,8 @@ ClientRequestContext::hostHeaderVerifyFailed(const char *A, const char *B)
 
     debugs(85, DBG_IMPORTANT, "SECURITY ALERT: Host header forgery detected on " <<
            http->getConn()->clientConnection << " (" << A << " does not match " << B << ")");
-    debugs(85, DBG_IMPORTANT, "SECURITY ALERT: By user agent: " << http->request->header.getStr(Http::HdrType::USER_AGENT));
+    if (const char *ua = http->request->header.getStr(Http::HdrType::USER_AGENT))
+        debugs(85, DBG_IMPORTANT, "SECURITY ALERT: By user agent: " << ua);
     debugs(85, DBG_IMPORTANT, "SECURITY ALERT: on URL: " << http->request->effectiveRequestUri());
 
     // IP address validation for Host: failed. reject the connection.
Mirror of https://github.com/squid-cache/squid.git