Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)
@wdoekes , thanks a lot for this fix ! I uploaded it on all maintained versions !! --- Reply to this email directly or view it on GitHub: https://github.com/OpenSIPS/opensips/pull/177#issuecomment-38718400___ Devel mailing list Devel@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)
Merged #177. --- Reply to this email directly or view it on GitHub: https://github.com/OpenSIPS/opensips/pull/177___ Devel mailing list Devel@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)
> @@ -444,10 +429,6 @@ str* build_dialoginfo(str* pres_user, str* pres_domain)
> xmlCleanupParser();
> return body;
> error:
> - if ( pres_uri )
> - {
> - pkg_free(pres_uri);
Here it was freed, but it wasn't when the function returned succesfully.
---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/177/files#r10510217___
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)
> return NULL;
> - }
> - memcpy(buf, "sip:", 4);
> - memcpy(buf+4, pres_user->s, pres_user->len);
> - buf[pres_user->len+4] = '@';
> - memcpy(buf + pres_user->len + 5, pres_domain->s, pres_domain->len);
> - buf[pres_user->len + 5 + pres_domain->len]= '\0';
> -
> - pres_uri = (str*)pkg_malloc(sizeof(str));
> - if(pres_uri == NULL)
> - {
> - LM_ERR("while allocating memory\n");
> - return NULL;
> - }
> - memset(pres_uri, 0, sizeof(str));
Memset just before setting it.
---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/177/files#r10510194___
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
[OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)
Reported by: dsandras > About the bound checking error, the code was cut&pasted from another > place in the same file where the same error is still present: > ... Also I replaced a heap str with a stack one in build_dialoginfo. This one wasn't freed either unless an error condition was hit. You can merge this Pull Request by running: git pull https://github.com/wdoekes/opensips wjd-fix_dialogaggr_bounds Or you can view, comment on it, or merge it online at: https://github.com/OpenSIPS/opensips/pull/177 -- Commit Summary -- * presence_dialoginfo: Fix bounds checking by using a helper function. -- File Changes -- M modules/presence_dialoginfo/notify_body.c (75) -- Patch Links -- https://github.com/OpenSIPS/opensips/pull/177.patch https://github.com/OpenSIPS/opensips/pull/177.diff --- Reply to this email directly or view it on GitHub: https://github.com/OpenSIPS/opensips/pull/177 ___ Devel mailing list Devel@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
