[sr-dev] git:4.2:1e4043f5: dialog: Sanity checks
Stefan Mititelu
stefan.mititelu at 1and1.ro
Tue Nov 3 15:53:10 CET 2015
Module: kamailio
Branch: 4.2
Commit: 1e4043f5c7af6204117a8780b0afe5c00b26be28
URL: https://github.com/kamailio/kamailio/commit/1e4043f5c7af6204117a8780b0afe5c00b26be28
Author: Stefan Mititelu <stefan.mititelu at 1and1.ro>
Committer: Stefan Mititelu <stefan.mititelu at 1and1.ro>
Date: 2015-11-03T16:51:12+02:00
dialog: Sanity checks
Add NULL checks for the parse_dlg_rr_param().
Segfault when 'did' parameter was empty in the Route header (e.g. 'did=').
(cherry picked from commit 876787d977c46ffcb1288f5eb66e91145cba1061)
---
Modified: modules/dialog/dlg_handlers.c
---
Diff: https://github.com/kamailio/kamailio/commit/1e4043f5c7af6204117a8780b0afe5c00b26be28.diff
Patch: https://github.com/kamailio/kamailio/commit/1e4043f5c7af6204117a8780b0afe5c00b26be28.patch
---
diff --git a/modules/dialog/dlg_handlers.c b/modules/dialog/dlg_handlers.c
index 7dc8478..d4eab6a 100644
--- a/modules/dialog/dlg_handlers.c
+++ b/modules/dialog/dlg_handlers.c
@@ -996,7 +996,29 @@ static inline int parse_dlg_rr_param(char *p, char *end, int *h_entry, int *h_id
{
char *s;
+ /* sanity checks */
+ if (!p) {
+ LM_ERR("NULL start of parameter string");
+ return -1;
+ }
+
+ if (!end) {
+ LM_ERR("NULL end of parameter string");
+ return -1;
+ }
+
+ if (!h_entry) {
+ LM_ERR("NULL h_entry");
+ return -1;
+ }
+
+ if (!h_id) {
+ LM_ERR("NULL h_id");
+ return -1;
+ }
+
for ( s=p ; p<end && *p!=DLG_SEPARATOR ; p++ );
+
if (*p!=DLG_SEPARATOR) {
LM_ERR("malformed rr param '%.*s'\n", (int)(long)(end-s), s);
return -1;
More information about the sr-dev
mailing list