git:master:00ce103d: usrloc: safety checks for query result in db rpc functions - sr-dev

21 Mar 2019

Module: kamailio
Branch: master
Commit: 00ce103d24fcfca75ffc2ec4f3ea897fd516e61d
URL: https://github.com/kamailio/kamailio/commit/00ce103d24fcfca75ffc2ec4f3ea897f...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2019-03-21T13:48:25+01:00
usrloc: safety checks for query result in db rpc functions
- GH #1900
---
Modified: src/modules/usrloc/ul_rpc.c
---
Diff:  https://github.com/kamailio/kamailio/commit/00ce103d24fcfca75ffc2ec4f3ea897f...
Patch: https://github.com/kamailio/kamailio/commit/00ce103d24fcfca75ffc2ec4f3ea897f...
---

diff --git a/src/modules/usrloc/ul_rpc.c b/src/modules/usrloc/ul_rpc.c
index 53031799ac..3afad823d9 100644
--- a/src/modules/usrloc/ul_rpc.c
+++ b/src/modules/usrloc/ul_rpc.c
@@ -733,8 +733,8 @@ static void ul_rpc_db_users(rpc_t* rpc, void* ctx)
    str table = {0, 0};
    char query[QUERY_LEN];
    str query_str;
-	db1_res_t* res;
-	int count;
+	db1_res_t* res = NULL;
+	int count = 0;
if (db_mode == NO_DB) {
    	rpc->fault(ctx, 500, "Command is not supported in db_mode=0");
@@ -767,12 +767,13 @@ static void ul_rpc_db_users(rpc_t* rpc, void* ctx)
    		domain_col.len, domain_col.s,
    		table.len, table.s);
    query_str.s = query;
-	if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0) {
+	if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0 || res==NULL) {
    	rpc->fault(ctx, 500, "Failed to query AoR count");
    	return;
    }
-
-	count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+	if (RES_ROW_N(res) > 0) {
+		count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+	}
    ul_dbf.free_result(ul_dbh, res);
rpc->add(ctx, "d", count);
@@ -788,8 +789,8 @@ static void ul_rpc_db_contacts(rpc_t* rpc, void* ctx)
    str table = {0, 0};
    char query[QUERY_LEN];
    str query_str;
-	db1_res_t* res;
-	int count;
+	db1_res_t* res = NULL;
+	int count = 0;
if (db_mode == NO_DB) {
    	rpc->fault(ctx, 500, "Command is not supported in db_mode=0");
@@ -819,12 +820,14 @@ static void ul_rpc_db_contacts(rpc_t* rpc, void* ctx)
    query_str.len = snprintf(query, QUERY_LEN, "SELECT COUNT(*) FROM %.*s WHERE (UNIX_TIMESTAMP(expires) = 0) OR (expires > NOW())",
    		table.len, table.s);
    query_str.s = query;
-	if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0) {
+	if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0 || res==NULL) {
    	rpc->fault(ctx, 500, "Failed to query contact count");
    	return;
    }
-	count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+	if (RES_ROW_N(res) > 0) {
+		count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+	}
    ul_dbf.free_result(ul_dbh, res);
rpc->add(ctx, "d", count);
@@ -840,8 +843,8 @@ static void ul_rpc_db_expired_contacts(rpc_t* rpc, void* ctx)
    str table = {0, 0};
    char query[QUERY_LEN];
    str query_str;
-	db1_res_t* res;
-	int count;
+	db1_res_t* res = NULL;
+	int count = 0;
if (db_mode == NO_DB) {
    	rpc->fault(ctx, 500, "Command is not supported in db_mode=0");
@@ -871,12 +874,14 @@ static void ul_rpc_db_expired_contacts(rpc_t* rpc, void* ctx)
    query_str.len = snprintf(query, QUERY_LEN, "SELECT COUNT(*) FROM %.*s WHERE (UNIX_TIMESTAMP(expires) > 0) AND (expires <= NOW())",
    		table.len, table.s);
    query_str.s = query;
-	if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0) {
+	if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0 || res==NULL) {
    	rpc->fault(ctx, 500, "Failed to query contact count");
    	return;
    }
-	count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+	if (RES_ROW_N(res) > 0) {
+		count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+	}
    ul_dbf.free_result(ul_dbh, res);
rpc->add(ctx, "d", count);

    