<p>Sean Bright has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.asterisk.org/6383">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">rtp_engine: Prevent possible double free with DTLS config<br><br>ASTERISK-27225 #close<br>Reported by: Richard Kenner<br><br>Change-Id: I097b81734ef730f8603c0b972909d212a3a5cf89<br>---<br>M main/rtp_engine.c<br>1 file changed, 11 insertions(+), 5 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/83/6383/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/main/rtp_engine.c b/main/rtp_engine.c<br>index e078b24..673024e 100644<br>--- a/main/rtp_engine.c<br>+++ b/main/rtp_engine.c<br>@@ -2697,6 +2697,12 @@<br>       return NULL;<br> }<br> <br>+static void release_cfg_string(char **cfg)<br>+{<br>+ ast_free(*cfg);<br>+      *cfg = NULL;<br>+}<br>+<br> int ast_rtp_dtls_cfg_parse(struct ast_rtp_dtls_cfg *dtls_cfg, const char *name, const char *value)<br> {<br>  if (!strcasecmp(name, "dtlsenable")) {<br>@@ -2718,31 +2724,31 @@<br>                     return -1;<br>            }<br>     } else if (!strcasecmp(name, "dtlscertfile")) {<br>-            ast_free(dtls_cfg->certfile);<br>+             release_cfg_string(&dtls_cfg->certfile);<br>               if (!ast_strlen_zero(value) && !ast_file_is_readable(value)) {<br>                        ast_log(LOG_ERROR, "%s file %s does not exist or is not readable\n", name, value);<br>                  return -1;<br>            }<br>             dtls_cfg->certfile = ast_strdup(value);<br>    } else if (!strcasecmp(name, "dtlsprivatekey")) {<br>-          ast_free(dtls_cfg->pvtfile);<br>+              release_cfg_string(&dtls_cfg->pvtfile);<br>                if (!ast_strlen_zero(value) && !ast_file_is_readable(value)) {<br>                        ast_log(LOG_ERROR, "%s file %s does not exist or is not readable\n", name, value);<br>                  return -1;<br>            }<br>             dtls_cfg->pvtfile = ast_strdup(value);<br>     } else if (!strcasecmp(name, "dtlscipher")) {<br>-              ast_free(dtls_cfg->cipher);<br>+               release_cfg_string(&dtls_cfg->cipher);<br>                 dtls_cfg->cipher = ast_strdup(value);<br>      } else if (!strcasecmp(name, "dtlscafile")) {<br>-              ast_free(dtls_cfg->cafile);<br>+               release_cfg_string(&dtls_cfg->cafile);<br>                 if (!ast_strlen_zero(value) && !ast_file_is_readable(value)) {<br>                        ast_log(LOG_ERROR, "%s file %s does not exist or is not readable\n", name, value);<br>                  return -1;<br>            }<br>             dtls_cfg->cafile = ast_strdup(value);<br>      } else if (!strcasecmp(name, "dtlscapath") || !strcasecmp(name, "dtlscadir")) {<br>-          ast_free(dtls_cfg->capath);<br>+               release_cfg_string(&dtls_cfg->capath);<br>                 if (!ast_strlen_zero(value) && !ast_file_is_readable(value)) {<br>                        ast_log(LOG_ERROR, "%s file %s does not exist or is not readable\n", name, value);<br>                  return -1;<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/6383">change 6383</a>. To unsubscribe, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/6383"/><meta itemprop="name" content="View Change"/></div></div>

<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>
<div style="display:none"> Gerrit-Change-Id: I097b81734ef730f8603c0b972909d212a3a5cf89 </div>
<div style="display:none"> Gerrit-Change-Number: 6383 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Sean Bright <sean.bright@gmail.com> </div>