[mod_http_cache] Crash on HTTP GET with generated AWS v4 signature

Co-authored-by: Miguel Gonzalez <maggonzz@gmail.com>

diff --git a/src/mod/applications/mod_http_cache/aws.c b/src/mod/applications/mod_http_cache/aws.c
index d4b76e7cb29cd50d3cd926f2460854291e5feb73..e6eb43c885ff3e8a20580e5ecd1410d90c40eec2 100644 (file)
--- a/src/mod/applications/mod_http_cache/aws.c
+++ b/src/mod/applications/mod_http_cache/aws.c
@@ -291,6 +291,11 @@ SWITCH_MOD_DECLARE(switch_curl_slist_t *) aws_s3_append_headers(
        switch_aws_s3_profile aws_s3_profile;
        char* url_dup;
 
+       if (!query_string) {
+               switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Missing required arg query_string.\n");
+               return headers;
+       }
+
        // Get bucket and object name from url
        switch_strdup(url_dup, url);
        parse_url(url_dup, profile->base_domain, "s3", &aws_s3_profile.bucket, &aws_s3_profile.object);

diff --git a/src/mod/applications/mod_http_cache/mod_http_cache.c b/src/mod/applications/mod_http_cache/mod_http_cache.c
index 55de15fdbc852664291271b2eaf3817cc4987130..232ef6294dc22c6e6fe09b23139567424f4b5698 100644 (file)
--- a/src/mod/applications/mod_http_cache/mod_http_cache.c
+++ b/src/mod/applications/mod_http_cache/mod_http_cache.c
@@ -1099,6 +1099,8 @@ static switch_status_t http_get(url_cache_t *cache, http_profile_t *profile, cac
        long httpRes = 0;
        int start_time_ms = switch_time_now() / 1000;
        switch_CURLcode curl_status = CURLE_UNKNOWN_OPTION;
+       char *query_string = NULL;
+       char *full_url = NULL;
 
        /* set up HTTP GET */
        get_data.fd = 0;
@@ -1110,7 +1112,14 @@ static switch_status_t http_get(url_cache_t *cache, http_profile_t *profile, cac
        }
 
        if (profile && profile->append_headers_ptr) {
-               headers = profile->append_headers_ptr(profile, headers, "GET", 0, "", url->url, 0, NULL);
+               headers = profile->append_headers_ptr(profile, headers, "GET", 0, "", url->url, 0, &query_string);
+       }
+
+       if (query_string) {
+               full_url = switch_mprintf("%s?%s", url->url, query_string);
+               free(query_string);
+       } else {
+               switch_strdup(full_url, url->url);
        }
 
        curl_handle = switch_curl_easy_init();
@@ -1123,7 +1132,7 @@ static switch_status_t http_get(url_cache_t *cache, http_profile_t *profile, cac
                if (headers) {
                        switch_curl_easy_setopt(curl_handle, CURLOPT_HTTPHEADER, headers);
                }
-               switch_curl_easy_setopt(curl_handle, CURLOPT_URL, get_data.url->url);
+               switch_curl_easy_setopt(curl_handle, CURLOPT_URL, full_url);
                switch_curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, get_file_callback);
                switch_curl_easy_setopt(curl_handle, CURLOPT_WRITEDATA, (void *) &get_data);
                switch_curl_easy_setopt(curl_handle, CURLOPT_HEADERFUNCTION, get_header_callback);
@@ -1178,6 +1187,7 @@ static switch_status_t http_get(url_cache_t *cache, http_profile_t *profile, cac
 
 done:
 
+       switch_safe_free(full_url);
        if (headers) {
                switch_curl_slist_free_all(headers);
        }