From: Luigi Rizzo
Date: Sat, 3 Jun 2006 22:56:45 +0000 (+0000)
Subject: mark XXX a buggy section of code and implement a probable
X-Git-Tag: 1.4.0-beta1~1089
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b7b716b61838faa1bf97f3812f82e104e8b44d34;p=thirdparty%2Fasterisk.git
mark XXX a buggy section of code and implement a probable replacement (leave the original in case my code does not do what the function was meant to do). oej, please check this...
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@31843 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index cd9479a203..3e97e884b1 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -11626,9 +11626,28 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
 */
 /* Skip leading whitespace */
- while(replace_id[0] && (replace_id[0] < 33))
- memmove(replace_id, replace_id+1, strlen(replace_id));
+ replace_id = ast_skip_blanks(replace_id);
+
+ /* XXX there are several bugs in the code below,
+ * because 'ptr' can be NULL so all the dereferences in strcasestr()
+ * would cause panics.
+ * I think we should do something like the code below, which also has
+ * the advantage of not depending on the order of headers.
+ * Please test if it works, and in case remove the block in #else / #endif
+ */
+#if 1 /* proposed replacement */
+ start = replace_id;
+ while ( (ptr = strsep(&start, ";")) ) {
+ ptr = ast_skip_blanks(ptr); /* XXX maybe unnecessary ? */
+ if ( (to = strcasestr(ptr, "to-tag=") ) )
+ totag = to + 7; /* skip the keyword */
+ else if ( (to = strcasestr(ptr, "from-tag=") ) ) {
+ fromtag = to + 9; /* skip the keyword */
+ fromtag = strsep(&fromtag, "&"); /* trim what ? */
+ }
+ }
+#else /* original code, buggy */
 if ((ptr = strchr(replace_id, ';'))) {
 *ptr = '\0';
 ptr++;
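Review bot: In the `#if 1` loop, `strcasestr()` accepts the keyword anywhere inside a `;`-separated segment, and the first segment it scans is the Call-ID itself. A header value that merely contains `to-tag=` or `from-tag=` inside the Call-ID or inside another parameter therefore sets `totag`/`fromtag`, and this value presumably arrives in the incoming INVITE and is not under local control. Because `ptr` has already been advanced past blanks, an anchored `strncasecmp()` on the start of each parameter is sufficient, and the Call-ID token can be consumed before the loop so that it is never parsed as a parameter. The self-assigning `fromtag = strsep(&fromtag, "&")` is well defined but hard to read; a short comment that it cuts the tag at the first `&` would answer the `trim what ?` question. handle_request_invite starts and ends outside the hunk, so how the two tags are compared afterwards is not visible here.

```c
			start = replace_id;
			strsep(&start, ";");	/* first token is the Call-ID, not a parameter */
			while ( (ptr = strsep(&start, ";")) ) {
				/* … unchanged: ast_skip_blanks(ptr) … */
				if (!strncasecmp(ptr, "to-tag=", 7))
					totag = ptr + 7;	/* skip the keyword */
				else if (!strncasecmp(ptr, "from-tag=", 9)) {
					fromtag = ptr + 9;	/* skip the keyword */
					/* … unchanged: cut fromtag at the first '&' … */
				}
			}
```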
@@ -11641,6 +11660,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
 totag = ptr;
 if ((to = strchr(ptr, ';')))
 *to = '\0';
+ /* XXX this code is also wrong as to can be NULL */
 to++;
 ptr = to;
 }
@@ -11654,6 +11674,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, int
 if ((to = strchr(ptr, ';')))
 *to = '\0';
 }
+#endif
 if (sipdebug && option_debug > 3)
 ast_log(LOG_DEBUG,"Invite/replaces: Will use Replace-Call-ID : %s Fromtag: %s Totag: %s\n", replace_id, fromtag ? fromtag : "", totag ? totag : "");