[asterisk-commits] twilson: branch 1.8 r341189 - /branches/1.8/channels/chan_sip.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Mon Oct 17 12:35:27 CDT 2011


Author: twilson
Date: Mon Oct 17 12:35:23 2011
New Revision: 341189

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=341189
Log:
Initialize variables before calling parse_uri

If parse_uri was called with an empty URI, some pointers would be
modified and an invalid read could result. This patch avoids calling
parse_uri with an empty contact uri when parsing REGISTER requests. 

AST-2011-012

(closes issue ASTERISK-18668)

Modified:
    branches/1.8/channels/chan_sip.c

Modified: branches/1.8/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.8/channels/chan_sip.c?view=diff&rev=341189&r1=341188&r2=341189
==============================================================================
--- branches/1.8/channels/chan_sip.c (original)
+++ branches/1.8/channels/chan_sip.c Mon Oct 17 12:35:23 2011
@@ -13479,7 +13479,7 @@
 	char data[SIPBUFSIZE];
 	const char *expires = get_header(req, "Expires");
 	int expire = atoi(expires);
-	char *curi, *domain, *transport;
+	char *curi = NULL, *domain = NULL, *transport = NULL;
 	int transport_type;
 	const char *useragent;
 	struct ast_sockaddr oldsin, testsa;
@@ -13557,7 +13557,7 @@
 	ast_string_field_build(pvt, our_contact, "<%s>", curi);
 
 	/* Make sure it's a SIP URL */
-	if (parse_uri_legacy_check(curi, "sip:,sips:", &curi, NULL, &domain, &transport)) {
+	if (ast_strlen_zero(curi) || parse_uri_legacy_check(curi, "sip:,sips:", &curi, NULL, &domain, &transport)) {
 		ast_log(LOG_NOTICE, "Not a valid SIP contact (missing sip:/sips:) trying to use anyway\n");
 	}
 




More information about the asterisk-commits mailing list