File squid-2.7.STABLE5-bnc587375-CVE-2010-0639.patch of Package squid

diff -rNU 30 ../squid-2.7.STABLE5-o/src/htcp.c ./src/htcp.c
--- ../squid-2.7.STABLE5-o/src/htcp.c	2008-05-05 01:23:13.000000000 +0200
+++ ./src/htcp.c	2011-12-21 15:19:38.000000000 +0100
@@ -923,60 +923,65 @@
 {
     debug(31, 3) ("htcpHandleMon: Unimplemented\n");
 }
 
 static void
 htcpHandleSet(htcpDataHeader * hdr, char *buf, int sz, struct sockaddr_in *from)
 {
     debug(31, 3) ("htcpHandleSet: Unimplemented\n");
 }
 
 static void
 htcpHandleClr(htcpDataHeader * hdr, char *buf, int sz, struct sockaddr_in *from)
 {
     htcpSpecifier *s;
     /* buf[0/1] is reserved and reason */
     int reason = buf[1] << 4;
     debug(31, 3) ("htcpHandleClr: reason=%d\n", reason);
     buf += 2;
     sz -= 2;
 
     /* buf should be a SPECIFIER */
     if (sz == 0) {
 	debug(31, 4) ("htcpHandleClr: nothing to do\n");
 	return;
     }
     s = htcpUnpackSpecifier(buf, sz);
     if (NULL == s) {
 	debug(31, 3) ("htcpHandleClr: htcpUnpackSpecifier failed\n");
 	return;
     }
+    if (!s->request) {
+        debug(31, 2) ("htcpHandleTstRequest: failed to parse request\n");
+        htcpFreeSpecifier(s);
+        return;
+    }
     if (!htcpAccessCheck(Config.accessList.htcp_clr, s, from)) {
 	debug(31, 2) ("htcpHandleClr: Access denied\n");
 	htcpFreeSpecifier(s);
 	return;
     }
     debug(31, 5) ("htcpHandleClr: %s %s %s\n",
 	s->method,
 	s->uri,
 	s->version);
     debug(31, 5) ("htcpHandleClr: request headers: %s\n", s->req_hdrs);
 
     /* Release objects from cache
      * analog to clientPurgeRequest in client_side.c
      */
     switch (htcpClrStore(s)) {
     case 1:
 	htcpClrReply(hdr, 1, from);	/* hit */
 	break;
     case 0:
 	htcpClrReply(hdr, 0, from);	/* miss */
 	break;
     default:
 	break;
     }
 
     htcpFreeSpecifier(s);
 }
 
 static void
 htcpHandleData(char *buf, int sz, struct sockaddr_in *from)