[sr-dev] git:master:4e760394: ims_auth: fixed rare core dump, due to null ptr check

Valentin Christoph valentin at kapsch.net
Fri Aug 11 15:54:32 CEST 2017


Module: kamailio
Branch: master
Commit: 4e760394b63ab0bf3ca6deb1d527c96f800a834d
URL: https://github.com/kamailio/kamailio/commit/4e760394b63ab0bf3ca6deb1d527c96f800a834d

Author: Valentin Christoph <valentin at kapsch.net>
Committer: Valentin Christoph <valentin at kapsch.net>
Date: 2017-08-11T14:43:36+02:00

ims_auth: fixed rare core dump, due to null ptr check

The ims_auth module reads the value from the Content-Length header
of a REGISTER request, before decoding the message body.
Due to a missing null pointer check, reading this value leads
to core dump in case the Content-Length header is missing.

---

Modified: src/modules/ims_auth/utils.c

---

Diff:  https://github.com/kamailio/kamailio/commit/4e760394b63ab0bf3ca6deb1d527c96f800a834d.diff
Patch: https://github.com/kamailio/kamailio/commit/4e760394b63ab0bf3ca6deb1d527c96f800a834d.patch

---

diff --git a/src/modules/ims_auth/utils.c b/src/modules/ims_auth/utils.c
index 2e40cf8c46..94d02e3fe7 100644
--- a/src/modules/ims_auth/utils.c
+++ b/src/modules/ims_auth/utils.c
@@ -204,7 +204,9 @@ str ims_get_body(struct sip_msg * msg)
 		LM_DBG("Error parsing until header Content-Length: \n");
 		return x;
 	}
-	x.len = (int)(long)msg->content_length->parsed;
+	if (msg->content_length)
+	    // Content-Length header might be missing
+	    x.len = (int)(long)msg->content_length->parsed;
         
         if (x.len>0) 
             x.s = get_body(msg);	




More information about the sr-dev mailing list