[svn-commits] twilson: branch 10 r341190 - in /branches/10: ./ channels/chan_sip.c

[SVN commits to the Digium repositories]

Author: twilson
Date: Mon Oct 17 12:36:45 2011
New Revision: 341190

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=341190
Log:
Initialize variables before calling parse_uri

If parse_uri was called with an empty URI, some pointers would be
modified and an invalid read could result. This patch avoids calling
parse_uri with an empty contact uri when parsing REGISTER requests. 

AST-2011-012

(closes issue ASTERISK-18668)
........

Merged revisions 341189 from http://svn.asterisk.org/svn/asterisk/branches/1.8

Modified:
    branches/10/   (props changed)
    branches/10/channels/chan_sip.c

Propchange: branches/10/
------------------------------------------------------------------------------
Binary property 'branch-1.8-merged' - no diff available.

Modified: branches/10/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/10/channels/chan_sip.c?view=diff&rev=341190&r1=341189&r2=341190
==============================================================================
--- branches/10/channels/chan_sip.c (original)
+++ branches/10/channels/chan_sip.c Mon Oct 17 12:36:45 2011
@@ -13794,7 +13794,7 @@
 	char data[SIPBUFSIZE];
 	const char *expires = sip_get_header(req, "Expires");
 	int expire = atoi(expires);
-	char *curi, *domain, *transport;
+	char *curi = NULL, *domain = NULL, *transport = NULL;
 	int transport_type;
 	const char *useragent;
 	struct ast_sockaddr oldsin, testsa;
@@ -13872,7 +13872,7 @@
 	ast_string_field_build(pvt, our_contact, "<%s>", curi);
 
 	/* Make sure it's a SIP URL */
-	if (parse_uri_legacy_check(curi, "sip:,sips:", &curi, NULL, &domain, &transport)) {
+	if (ast_strlen_zero(curi) || parse_uri_legacy_check(curi, "sip:,sips:", &curi, NULL, &domain, &transport)) {
 		ast_log(LOG_NOTICE, "Not a valid SIP contact (missing sip:/sips:) trying to use anyway\n");
 	}