[sr-dev] [kamailio/kamailio] In-place string transform having occasionally corrupted results (#1937)

andycwlai notifications at github.com
Thu Apr 25 05:00:14 CEST 2019


If I do a substring operation where I extract the middle of a string, I occasionally get results that are not correct. Example code:
$var(x) = $(var(y){s.substr,1,5});

This seems to be the same issue as: http://sip-router.1086192.n5.nabble.com/PATCH-Memory-corruption-using-s-substr-transformation-td118002.html

This issue had a fix which added "tr_string_clone_result" in numerous exit points in pv_trans.c:  https://github.com/kamailio/kamailio/commit/fe7e4a5152674aa9c81c09dd2fc9938d9e9e762e

It seemed to be missing at the exit path for the substring operation which may explain my observation. See:
https://github.com/kamailio/kamailio/blob/master/src/modules/pv/pv_trans.c#L617

I also notice that this is not used in some other string operations which leads me to wonder if this problem is more prevalent (likely, since I've heard reports of similar symptoms with the replace).

Suggestion: 
Investigate if we can have this "tr_string_clone_result" called here and remove all other occurrences in the switch clause. 

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/1937
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20190424/31bad080/attachment.html>


More information about the sr-dev mailing list