From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Sun, 17 Apr 2016 10:54:24 +0000 (+1200)
Subject: Bug 4465: Header forgery detection leads to crash
X-Git-Tag: SQUID_3_5_17~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4d3cece251f7feff661782638fa14c5a50d715f5;p=thirdparty%2Fsquid.git

Bug 4465: Header forgery detection leads to crash
---

diff --git a/src/client_side_request.cc b/src/client_side_request.cc
index e2b3e1010e..cbcc9bc9f0 100644
--- a/src/client_side_request.cc
+++ b/src/client_side_request.cc
@@ -554,7 +554,8 @@ ClientRequestContext::hostHeaderVerifyFailed(const char *A, const char *B)
 
     debugs(85, DBG_IMPORTANT, "SECURITY ALERT: Host header forgery detected on " <<
            http->getConn()->clientConnection << " (" << A << " does not match " << B << ")");
-    debugs(85, DBG_IMPORTANT, "SECURITY ALERT: By user agent: " << http->request->header.getStr(HDR_USER_AGENT));
+    if (const char *ua = http->request->header.getStr(HDR_USER_AGENT))
+        debugs(85, DBG_IMPORTANT, "SECURITY ALERT: By user agent: " << ua);
     debugs(85, DBG_IMPORTANT, "SECURITY ALERT: on URL: " << urlCanonical(http->request));
 
     // IP address validation for Host: failed. reject the connection.