From: Mark Murawki Date: Thu, 26 May 2011 20:09:35 +0000 (+0000) Subject: ast_sockaddr_resolve() in netsock2.c may deref a null pointer X-Git-Tag: 1.8.5-rc1~11^2~75 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d21c41b26ac203366039ac741b90fe95f6da3f13;p=thirdparty%2Fasterisk.git ast_sockaddr_resolve() in netsock2.c may deref a null pointer Added a null check in netsock2 ast_sockaddr_resolve() as well as added default initalizers in chan_sip parse_uri_legacy_check() to make sure that invalid uris will make null (and not undefined) user,pass,domain,transport variables (closes issue #19346) Reported by: kobaz Patches: netsock2.patch uploaded by kobaz (license 834) Tested by: kobaz, Marquis git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@321100 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/channels/chan_sip.c b/channels/chan_sip.c index f1f401bfd3..4aca9b59e7 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -13288,6 +13288,20 @@ static int parse_ok_contact(struct sip_pvt *pvt, struct sip_request *req) /*! \brief parse uri in a way that allows semicolon stripping if legacy mode is enabled */ static int parse_uri_legacy_check(char *uri, const char *scheme, char **user, char **pass, char **domain, char **transport) { + /* Assume invalid to start */ + if (user) { + *user = 0; + } + if (pass) { + *pass = 0; + } + if (domain) { + *domain = 0; + } + if (transport) { + *transport = 0; + } + int ret = parse_uri(uri, scheme, user, pass, domain, transport); if (sip_cfg.legacy_useroption_parsing) { /* if legacy mode is active, strip semis from the user field */ char *p; diff --git a/main/netsock2.c b/main/netsock2.c index e575bcfa23..f57c8425ab 100644 --- a/main/netsock2.c +++ b/main/netsock2.c @@ -232,6 +232,10 @@ int ast_sockaddr_resolve(struct ast_sockaddr **addrs, const char *str, char *s, *host, *port; int e, i, res_cnt; + if (!str) { + return 0; + } + s = ast_strdupa(str); if (!ast_sockaddr_split_hostport(s, &host, &port, flags)) { return 0;