[Asterisk-code-review] res pjsip refer.c: Fix seg fault in process of Refer-to header. (asterisk[master])

[Sergio Medina Toledo]

Hello Richard Mudgett, Anonymous Coward #1000019, George Joseph,

I'd like you to reexamine a change.  Please visit

    https://gerrit.asterisk.org/2348

to look at the new patch set (#2).

Change subject: res_pjsip_refer.c: Fix seg fault in process of Refer-to header.
......................................................................

res_pjsip_refer.c: Fix seg fault in process of Refer-to header.

In an incoming Refer request when the "Refer-to" header is parsed and
extracted the uri, the uri is parsed by "pjsip_parse_uri" function,
the second parameter of that function is the uri NULL terminated, but
the uri may not come NULL terminated so before this fix the NULL
terminator was put in a section of memory where it shouldn't be, so
it can produce a segmentation fault or writing a 0 byte in a section
of memory that it shouldn't write, modifying another variable. Now
the uri is NULL terminated safely coping the uri to a new chunk of
memory with the correct size to be NULL terminated.

ASTERISK-25814 #close

Change-Id: I32565496684a5a49c3278fce06474b8c94b37342
---
M res/res_pjsip_refer.c
1 file changed, 9 insertions(+), 9 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/48/2348/2
-- 
To view, visit https://gerrit.asterisk.org/2348
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: newpatchset
Gerrit-Change-Id: I32565496684a5a49c3278fce06474b8c94b37342
Gerrit-PatchSet: 2
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: Sergio Medina Toledo <lumasepa at gmail.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: George Joseph <george.joseph at fairview5.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>
Gerrit-Reviewer: Sergio Medina Toledo <lumasepa at gmail.com>