[sr-dev] kamailio cores on corrupted route header

Jijo realjijo at gmail.com
Tue Oct 9 15:49:32 CEST 2012


Hello,

kamailio cores when receives a corrupted route header.



For example, this was causing the core.



Route: sip:10.236.236.100;transport=tcp;r2=on;lr;ftag=1348218287134-Test-553188;osb-tag=NM;nat=yes;twan=yes?[=&
[=<sip:10.236.236.100;transport=tcp;r2=on;lr;ftag=1348218287134-Test-553188;osb-tag=NM;nat=yes;twan=yes?[=&%20[=>


I found the problem, the pointer was not initializing to null after freeing
it. Please apply this fix in the next version.

Here is the diff with the original(3.2.2) and changed version.


PGA:/mnt/o/kamailio-3.2.2/parser # diff -u parse_param.c.orig parse_param.c

--- parse_param.c.orig  2012-10-09 09:42:58.372003500 -0300

+++ parse_param.c       2012-10-09 21:34:14.556367900 -0300

@@ -545,6 +545,7 @@

  error:

        if (t) pkg_free(t);

        free_params(*_p);

+        *_p = 0;

        return -2;


  ok:


Thanks
Jijo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20121009/43660d44/attachment.htm>


More information about the sr-dev mailing list