Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)

[Bogdan Andrei IANCU]

Merged #177.

---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/177___
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel

[OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)

[Walter Doekes]

Reported by: dsandras
gt; About the bound checking error, the code was cutamp;pasted from another
gt; place in the same file where the same error is still present:
gt; ...

Also I replaced a heap str with a stack one in build_dialoginfo. This
one wasn#39;t freed either unless an error condition was hit.
You can merge this Pull Request by running:

  git pull https://github.com/wdoekes/opensips wjd-fix_dialogaggr_bounds

Or you can view, comment on it, or merge it online at:

  https://github.com/OpenSIPS/opensips/pull/177

-- Commit Summary --

  * presence_dialoginfo: Fix bounds checking by using a helper function.

-- File Changes --

M modules/presence_dialoginfo/notify_body.c (75)

-- Patch Links --

https://github.com/OpenSIPS/opensips/pull/177.patch
https://github.com/OpenSIPS/opensips/pull/177.diff

---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/177
___
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel

Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)

[Walter Doekes]

   return NULL;
 - }
 - memcpy(buf, sip:, 4);
 - memcpy(buf+4, pres_user-s, pres_user-len);
 - buf[pres_user-len+4] = '@';
 - memcpy(buf + pres_user-len + 5, pres_domain-s, pres_domain-len);
 - buf[pres_user-len + 5 + pres_domain-len]= '\0';
 -
 - pres_uri = (str*)pkg_malloc(sizeof(str));
 - if(pres_uri == NULL)
 - {
 - LM_ERR(while allocating memory\n);
 - return NULL;
 - }
 - memset(pres_uri, 0, sizeof(str));

Memset just before setting it.

---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/177/files#r10510194___
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel

Re: [OpenSIPS-Devel] [opensips] presence_dialoginfo: Fix bounds checking by using a helper function. (#177)

[Walter Doekes]

 @@ -444,10 +429,6 @@ str* build_dialoginfo(str* pres_user, str* pres_domain)
   xmlCleanupParser();
   return body;
  error:
 - if ( pres_uri )
 - {
 - pkg_free(pres_uri);

Here it was freed, but it wasn't when the function returned succesfully.

---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/177/files#r10510217___
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel