[sr-dev] git:5.3:35cd520b: auth: safety check for auth header pointer in pv_auth_check()

Daniel-Constantin Mierla miconda at gmail.com
Tue Feb 25 08:42:24 CET 2020


Module: kamailio
Branch: 5.3
Commit: 35cd520bfe29d63555aebf64717f602948773280
URL: https://github.com/kamailio/kamailio/commit/35cd520bfe29d63555aebf64717f602948773280

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2020-02-25T08:41:01+01:00

auth: safety check for auth header pointer in pv_auth_check()

(cherry picked from commit ea2ea2f8274eda9d8d7055b22fab8910cd773a19)

---

Modified: src/modules/auth/auth_mod.c

---

Diff:  https://github.com/kamailio/kamailio/commit/35cd520bfe29d63555aebf64717f602948773280.diff
Patch: https://github.com/kamailio/kamailio/commit/35cd520bfe29d63555aebf64717f602948773280.patch

---

diff --git a/src/modules/auth/auth_mod.c b/src/modules/auth/auth_mod.c
index b77be70b76..f9b7097c14 100644
--- a/src/modules/auth/auth_mod.c
+++ b/src/modules/auth/auth_mod.c
@@ -744,6 +744,13 @@ static int pv_auth_check(sip_msg_t *msg, str *srealm, str *spasswd, int vflags,
 
 	if(ret==AUTH_OK && (vchecks&AUTH_CHECK_ID_F)) {
 		hdr = (msg->proxy_auth==0)?msg->authorization:msg->proxy_auth;
+		if(hdr==NULL) {
+			if (msg->REQ_METHOD & (METHOD_ACK|METHOD_CANCEL|METHOD_PRACK)) {
+				return AUTH_OK;
+			} else {
+				return AUTH_ERROR;
+			}
+		}
 		suser = ((auth_body_t*)(hdr->parsed))->digest.username.user;
 
 		if((furi=parse_from_uri(msg))==NULL)




More information about the sr-dev mailing list