------------------------------------------------------------
revno: 14027
revision-id: squid3@treenet.co.nz-20160417105424-6d40n75zmhkqwjf4
parent: squid3@treenet.co.nz-20160417104327-tdxaovf8g26e7em2
fixes bug: http://bugs.squid-cache.org/show_bug.cgi?id=4465
author: Alex Rousskov <rousskov@measurement-factory.com>
committer: Amos Jeffries <squid3@treenet.co.nz>
branch nick: 3.5
timestamp: Sun 2016-04-17 22:54:24 +1200
message:
  Bug 4465: Header forgery detection leads to crash
------------------------------------------------------------
# Bazaar merge directive format 2 (Bazaar 0.90)
# revision_id: squid3@treenet.co.nz-20160417105424-6d40n75zmhkqwjf4
# target_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
# testament_sha1: 386806ce616dc81deefc8fc1c57ebcac5fae9844
# timestamp: 2016-04-17 10:58:32 +0000
# source_branch: http://bzr.squid-cache.org/bzr/squid3/3.5
# base_revision_id: squid3@treenet.co.nz-20160417104327-\
#   tdxaovf8g26e7em2
# 
# Begin patch
=== modified file 'src/client_side_request.cc'
--- src/client_side_request.cc	2016-01-01 00:14:27 +0000
+++ src/client_side_request.cc	2016-04-17 10:54:24 +0000
@@ -554,7 +554,8 @@
 
     debugs(85, DBG_IMPORTANT, "SECURITY ALERT: Host header forgery detected on " <<
            http->getConn()->clientConnection << " (" << A << " does not match " << B << ")");
-    debugs(85, DBG_IMPORTANT, "SECURITY ALERT: By user agent: " << http->request->header.getStr(HDR_USER_AGENT));
+    if (const char *ua = http->request->header.getStr(HDR_USER_AGENT))
+        debugs(85, DBG_IMPORTANT, "SECURITY ALERT: By user agent: " << ua);
     debugs(85, DBG_IMPORTANT, "SECURITY ALERT: on URL: " << urlCanonical(http->request));
 
     // IP address validation for Host: failed. reject the connection.