[sr-dev] git:kamailio_3.0: modules_k/pv : Fixed a bug in pv transformation ( tobody transformation), that caused a segmentation fault.

Marius Zbihlei marius.zbihlei at 1and1.ro
Fri Jul 23 11:21:05 CEST 2010


Module: sip-router
Branch: kamailio_3.0
Commit: 12894357413fe9fc91fc115d28d7fd523c1955f6
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=12894357413fe9fc91fc115d28d7fd523c1955f6

Author: Marius Zbihlei <marius.zbihlei at 1and1.ro>
Committer: Marius Zbihlei <marius.zbihlei at 1and1.ro>
Date:   Fri Jul 23 11:32:25 2010 +0300

modules_k/pv : Fixed a bug in pv transformation (tobody transformation), that caused a segmentation fault.

The bug was caused by a incorrect error handling of the parse_to() method (defined in parser/parse_to.c).
The function returns a char* (pointer to the last character parsed), in case of error it updates an error status.
On incorrect to params, a segmentation fault happened after some time.(Because of a double pkg_free).
(cherry picked from commit e7096bf24310b71623520a3b963ddc50c111827c)

---

 modules_k/pv/pv_trans.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/modules_k/pv/pv_trans.c b/modules_k/pv/pv_trans.c
index d9120de..f8e7347 100644
--- a/modules_k/pv/pv_trans.c
+++ b/modules_k/pv/pv_trans.c
@@ -950,7 +950,8 @@ int tr_eval_tobody(struct sip_msg *msg, tr_param_t *tp, int subtype,
 		
 		/* parse params */
 		sv = _tr_tobody_str;
-		if (parse_to(sv.s, sv.s + sv.len + 2, &_tr_tobody)<0)
+		parse_to(sv.s, sv.s + sv.len + 2, &_tr_tobody);
+		if (_tr_tobody.error == PARSE_ERROR)
 		{
 			memset(&_tr_tobody, 0, sizeof(struct to_body));
 			pkg_free(_tr_tobody_str.s);




More information about the sr-dev mailing list