From: Sean Bright <sean.bright@gmail.com>
Date: Mon, 13 Jul 2020 20:42:40 +0000 (-0400)
Subject: acl.c: Coerce a NULL pointer into the empty string
X-Git-Tag: 13.36.0-rc1~10
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ff90e006773c6d219fcc3646420d373fdbd32f33;p=thirdparty%2Fasterisk.git

acl.c: Coerce a NULL pointer into the empty string

If an ACL is misconfigured in the realtime database (for instance, the
"rule" is blank) and Asterisk attempts to read the ACL, Asterisk will
crash.

ASTERISK-28978 #close

Change-Id: Ic1536c4df856231bfd2da00128f7822224d77610
---

diff --git a/main/acl.c b/main/acl.c
index 3d32976857..b1b838fd22 100644
--- a/main/acl.c
+++ b/main/acl.c
@@ -580,7 +580,7 @@ static struct ast_ha *append_ha_core(const char *sense, const char *stuff, struc
 	struct ast_ha *ha;
 	struct ast_ha *prev = NULL;
 	struct ast_ha *ret;
-	char *tmp, *list = ast_strdupa(stuff);
+	char *tmp, *list = ast_strdupa(stuff ?: "");
 	char *address = NULL, *mask = NULL;
 	int addr_is_v4;
 	int allowing = strncasecmp(sense, "p", 1) ? AST_SENSE_DENY : AST_SENSE_ALLOW;