From: Andrey Volk Date: Mon, 7 Oct 2019 18:37:33 +0000 (+0400) Subject: [mod_sofia] sofia_handle_sip_i_invite() leaks xml and event objects on acl_token... X-Git-Tag: v1.10.2^2~33 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8442218df134e9f775574e6188f4213622bc721e;p=thirdparty%2Ffreeswitch.git [mod_sofia] sofia_handle_sip_i_invite() leaks xml and event objects on acl_token, sofia_reg_handle_sip_r_challenge() leaks xml object when a user does not have params. --- diff --git a/src/mod/endpoints/mod_sofia/sofia.c b/src/mod/endpoints/mod_sofia/sofia.c index bc3d9da995..aedfb66e56 100644 --- a/src/mod/endpoints/mod_sofia/sofia.c +++ b/src/mod/endpoints/mod_sofia/sofia.c @@ -10537,6 +10537,10 @@ void sofia_handle_sip_i_invite(switch_core_session_t *session, nua_t *nua, sofia switch_channel_set_variable_printf(channel, "sip_invite_stamp", "%" SWITCH_TIME_T_FMT, sip_invite_time); if (*acl_token) { + if (x_user) { + switch_xml_free(x_user); + x_user = NULL; + } switch_channel_set_variable(channel, "acl_token", acl_token); if (sofia_locate_user(acl_token, session, sip, &x_user) == SWITCH_STATUS_SUCCESS) { switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "Authenticating user %s\n", acl_token); @@ -10544,6 +10548,9 @@ void sofia_handle_sip_i_invite(switch_core_session_t *session, nua_t *nua, sofia switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_WARNING, "Error Authenticating user %s\n", acl_token); if (sofia_test_pflag(profile, PFLAG_AUTH_REQUIRE_USER)) { nua_respond(nh, SIP_480_TEMPORARILY_UNAVAILABLE, TAG_END()); + if (v_event) { + switch_event_destroy(&v_event); + } goto fail; } } diff --git a/src/mod/endpoints/mod_sofia/sofia_reg.c b/src/mod/endpoints/mod_sofia/sofia_reg.c index 43d0eeb353..569699a1c8 100644 --- a/src/mod/endpoints/mod_sofia/sofia_reg.c +++ b/src/mod/endpoints/mod_sofia/sofia_reg.c @@ -2624,9 +2624,8 @@ void sofia_reg_handle_sip_r_challenge(int status, sip_auth_password = dup_pass; } } - - switch_xml_free(x_user); } + switch_xml_free(x_user); } switch_event_destroy(&locate_params);