From: Kevin Harwell Date: Wed, 17 Aug 2016 21:40:49 +0000 (-0500) Subject: pbx.c: Crash in handle_hint_change due to uninitialized values X-Git-Tag: 11.24.0-rc1~34 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fchanges%2F01%2F3601%2F2;p=thirdparty%2Fasterisk.git pbx.c: Crash in handle_hint_change due to uninitialized values handle_hint_change calls extension_presence_state_helper, which returns the presence state subtype and message when a valid state is available. If the state is invalid then those values are not filled. If they have not been properly initialized to NULL then when ast_free is later called on them Asterisk crashes. This patch initializes the subtype and message to NULL. ASTERISK-25706 #close patches: 0008-handle_hint_change-initialize-presence_state.patch submitted by Tzafrir Cohen (license 5035) Change-Id: I2eb08c68951b327c42df0798de60484c3a225a50 --- diff --git a/main/pbx.c b/main/pbx.c index 41094c5d64..daf2e437c5 100644 --- a/main/pbx.c +++ b/main/pbx.c @@ -6151,6 +6151,8 @@ static int handle_hint_change(void *data) device_state_notify_callbacks(hint, &hint_app); + memset(&presence_state, 0, sizeof(presence_state)); + state = extension_presence_state_helper( hint->exten, &presence_state.subtype, &presence_state.message);
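Review bot: The memset placed just before the extension_presence_state_helper() call in handle_hint_change zeroes the entire presence_state struct, while the commit message only calls for subtype and message to start as NULL. Any other field of presence_state that was set earlier in the function would be wiped as well, so either confirm nothing is populated before this point or assign the two pointers explicitly (presence_state.subtype = NULL; presence_state.message = NULL;). A one-line comment above the memset saying that the helper leaves both out-parameters untouched when the state is invalid, and that they are later passed to ast_free, would keep the line from being dropped as redundant in a future cleanup. The root cause also remains in the helper: having extension_presence_state_helper() set *subtype and *message to NULL on entry would protect every caller instead of only this one.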