[sr-dev] git:master:eb6c9462: http_client: safety check for lenght of retrieved headers
Daniel-Constantin Mierla
miconda at gmail.com
Thu Jul 27 11:35:22 CEST 2017
Module: kamailio
Branch: master
Commit: eb6c94626d02e5a6fc2c93328591c140853535da
URL: https://github.com/kamailio/kamailio/commit/eb6c94626d02e5a6fc2c93328591c140853535da
Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2017-07-27T11:33:44+02:00
http_client: safety check for lenght of retrieved headers
---
Modified: src/modules/http_client/functions.c
---
Diff: https://github.com/kamailio/kamailio/commit/eb6c94626d02e5a6fc2c93328591c140853535da.diff
Patch: https://github.com/kamailio/kamailio/commit/eb6c94626d02e5a6fc2c93328591c140853535da.patch
---
diff --git a/src/modules/http_client/functions.c b/src/modules/http_client/functions.c
index ea194250ed..c4fc39d6a4 100644
--- a/src/modules/http_client/functions.c
+++ b/src/modules/http_client/functions.c
@@ -333,8 +333,8 @@ static int curL_query_url(struct sip_msg* _m, const char* _url, str* _dst,
/* HTTP_CODE CHANGED TO CURLINFO_RESPONSE_CODE in curl > 7.10.7 */
curl_easy_getinfo(curl, CURLINFO_HTTP_CODE, &stat);
if(res == CURLE_OK) {
- char *ct;
- char *url;
+ char *ct = NULL;
+ char *url = NULL;
/* ask for the content-type of the response */
res = curl_easy_getinfo(curl, CURLINFO_CONTENT_TYPE, &ct);
@@ -342,14 +342,16 @@ static int curL_query_url(struct sip_msg* _m, const char* _url, str* _dst,
if(ct) {
LM_DBG("We received Content-Type: %s\n", ct);
- if (params->pconn) {
+ if (params->pconn &&
+ strlen(ct)<sizeof(params->pconn->result_content_type)-1) {
strncpy(params->pconn->result_content_type, ct,
sizeof(params->pconn->result_content_type));
}
}
if(url) {
LM_DBG("We visited URL: %s\n", url);
- if (params->pconn) {
+ if (params->pconn
+ && strlen(url)<sizeof(params->pconn->redirecturl)-1) {
strncpy(params->pconn->redirecturl, url ,
sizeof(params->pconn->redirecturl));
}
More information about the sr-dev
mailing list