[svn-commits] kharwell: trunk r402758 - in /trunk: ./ res/
    SVN commits to the Digium repositories 
    svn-commits at lists.digium.com
       
    Tue Nov 12 10:49:19 CST 2013
    
    
  
Author: kharwell
Date: Tue Nov 12 10:49:17 2013
New Revision: 402758
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=402758
Log:
pjsip_messaging, pjsip_header_funcs: Crashes due to NULL pointer dereferences
Both res_pjsip_messaging and res_pjsip_header_funcs were causing asterisk to
crash because they were trying to dereference a NULL pointer.
In the case of res_pjsip_messaging it was attempting to "print" a contact
header that did not exist.  In fact contact headers should not be part of
a SIP MESSAGE, so the offending code was simply removed.
In the case of res_pjsip_header_funcs a null private channel tech was being
passed to the function and then later dereferenced.  Added null checks (and
error logging) to the read/write function handlers to guard against crashing.
(closes issue ASTERISK-22821)
Reported by: Anthony Messina
........
Merged revisions 402757 from http://svn.asterisk.org/svn/asterisk/branches/12
Modified:
    trunk/   (props changed)
    trunk/res/res_pjsip_header_funcs.c
    trunk/res/res_pjsip_messaging.c
Propchange: trunk/
------------------------------------------------------------------------------
--- branch-12-merged (original)
+++ branch-12-merged Tue Nov 12 10:49:17 2013
@@ -1,1 +1,1 @@
-/branches/12:1-398558,398560-398577,398579-399305,399307-401390,401392-402738,402755
+/branches/12:1-398558,398560-398577,398579-399305,399307-401390,401392-402738,402755,402757
Modified: trunk/res/res_pjsip_header_funcs.c
URL: http://svnview.digium.com/svn/asterisk/trunk/res/res_pjsip_header_funcs.c?view=diff&rev=402758&r1=402757&r2=402758
==============================================================================
--- trunk/res/res_pjsip_header_funcs.c (original)
+++ trunk/res/res_pjsip_header_funcs.c Tue Nov 12 10:49:17 2013
@@ -452,6 +452,11 @@
 						 AST_APP_ARG(header_name); AST_APP_ARG(header_number););
 	AST_STANDARD_APP_ARGS(args, data);
 
+	if (!channel) {
+		ast_log(LOG_ERROR, "This function requires a PJSIP channel.\n");
+		return -1;
+	}
+
 	if (ast_strlen_zero(args.action)) {
 		ast_log(AST_LOG_ERROR, "This function requires an action.\n");
 		return -1;
@@ -505,6 +510,11 @@
 						 AST_APP_ARG(action);
 						 AST_APP_ARG(header_name); AST_APP_ARG(header_number););
 	AST_STANDARD_APP_ARGS(args, data);
+
+	if (!channel) {
+		ast_log(LOG_ERROR, "This function requires a PJSIP channel.\n");
+		return -1;
+	}
 
 	if (ast_strlen_zero(args.action)) {
 		ast_log(AST_LOG_ERROR, "This function requires an action.\n");
Modified: trunk/res/res_pjsip_messaging.c
URL: http://svnview.digium.com/svn/asterisk/trunk/res/res_pjsip_messaging.c?view=diff&rev=402758&r1=402757&r2=402758
==============================================================================
--- trunk/res/res_pjsip_messaging.c (original)
+++ trunk/res/res_pjsip_messaging.c Tue Nov 12 10:49:17 2013
@@ -431,15 +431,9 @@
 		CHECK_RES(ast_msg_set_from(msg, "%s", buf));
 	}
 
-	/* contact header */
-	if ((size = pjsip_hdr_print_on(pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL), buf, sizeof(buf)-1)) > 0) {
-		buf[size] = '\0';
-		CHECK_RES(ast_msg_set_var(msg, "SIP_FULLCONTACT", buf));
-	}
-
 	/* receive address */
 	field = pj_sockaddr_print(&rdata->pkt_info.src_addr, buf, sizeof(buf)-1, 1);
-	CHECK_RES(ast_msg_set_var(msg, "SIP_RECVADDR", field));
+	CHECK_RES(ast_msg_set_var(msg, "PJSIP_RECVADDR", field));
 
 	/* body */
 	if (print_body(rdata, buf, sizeof(buf) - 1) > 0) {
@@ -448,7 +442,7 @@
 
 	/* endpoint name */
 	if (endpt->id.self.name.valid) {
-		CHECK_RES(ast_msg_set_var(msg, "SIP_PEERNAME", endpt->id.self.name.str));
+		CHECK_RES(ast_msg_set_var(msg, "PJSIP_PEERNAME", endpt->id.self.name.str));
 	}
 
 	CHECK_RES(headers_to_vars(rdata, msg));
    
    
More information about the svn-commits
mailing list