[sr-dev] git:3.2: dialog(k): safety check for callid parameter in mi commands

Daniel-Constantin Mierla miconda at gmail.com
Sun Nov 25 21:58:18 CET 2012


Module: sip-router
Branch: 3.2
Commit: 07a7b98cea64fdbde4ac4d75de19b34d351659bb
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=07a7b98cea64fdbde4ac4d75de19b34d351659bb

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date:   Sun Nov 25 21:54:32 2012 +0100

dialog(k): safety check for callid parameter in mi commands

- if not provided properly, it may result in crash
- reported by Ricardo Martinez
(cherry picked from commit 8acb59ee4de31ab76763a021acaf7b5a13e02f23)

---

 modules_k/dialog/dlg_hash.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/modules_k/dialog/dlg_hash.c b/modules_k/dialog/dlg_hash.c
index 2dbf9a0..a2fbbdd 100644
--- a/modules_k/dialog/dlg_hash.c
+++ b/modules_k/dialog/dlg_hash.c
@@ -1042,6 +1042,8 @@ static inline struct mi_root* process_mi_params(struct mi_root *cmd_tree,
 
 	/* we have params -> get callid and fromtag */
 	callid = &node->value;
+	if(callid->s==NULL || callid->len<=0)
+		return init_mi_tree(400, MI_SSTR(MI_MISSING_PARM));
 	LM_DBG("callid='%.*s'\n", callid->len, callid->s);
 
 	node = node->next;




More information about the sr-dev mailing list