[sr-dev] git:master:ea2ea2f8: auth: safety check for auth header pointer in pv_auth_check()
Daniel-Constantin Mierla
miconda at gmail.com
Mon Feb 24 20:28:41 CET 2020
Module: kamailio
Branch: master
Commit: ea2ea2f8274eda9d8d7055b22fab8910cd773a19
URL: https://github.com/kamailio/kamailio/commit/ea2ea2f8274eda9d8d7055b22fab8910cd773a19
Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2020-02-24T20:27:14+01:00
auth: safety check for auth header pointer in pv_auth_check()
---
Modified: src/modules/auth/auth_mod.c
---
Diff: https://github.com/kamailio/kamailio/commit/ea2ea2f8274eda9d8d7055b22fab8910cd773a19.diff
Patch: https://github.com/kamailio/kamailio/commit/ea2ea2f8274eda9d8d7055b22fab8910cd773a19.patch
---
diff --git a/src/modules/auth/auth_mod.c b/src/modules/auth/auth_mod.c
index b77be70b76..f9b7097c14 100644
--- a/src/modules/auth/auth_mod.c
+++ b/src/modules/auth/auth_mod.c
@@ -744,6 +744,13 @@ static int pv_auth_check(sip_msg_t *msg, str *srealm, str *spasswd, int vflags,
if(ret==AUTH_OK && (vchecks&AUTH_CHECK_ID_F)) {
hdr = (msg->proxy_auth==0)?msg->authorization:msg->proxy_auth;
+ if(hdr==NULL) {
+ if (msg->REQ_METHOD & (METHOD_ACK|METHOD_CANCEL|METHOD_PRACK)) {
+ return AUTH_OK;
+ } else {
+ return AUTH_ERROR;
+ }
+ }
suser = ((auth_body_t*)(hdr->parsed))->digest.username.user;
if((furi=parse_from_uri(msg))==NULL)
More information about the sr-dev
mailing list