Module: kamailio Branch: master Commit: a0b4e58b7b60372dbc6d4230313248cef6c05f1b URL: https://github.com/kamailio/kamailio/commit/a0b4e58b7b60372dbc6d4230313248cef6c05f1b
Author: Lucian Balaceanu <lucian.balace...@1and1.ro> Committer: GitHub <nore...@github.com> Date: 2017-01-18T11:08:56+02:00 Merge pull request #937 from lbalaceanu/master carrieroute: fix double free related to hash_index --- Modified: src/modules/carrierroute/cr_data.c Modified: src/modules/carrierroute/cr_rule.c --- Diff: https://github.com/kamailio/kamailio/commit/a0b4e58b7b60372dbc6d4230313248cef6c05f1b.diff Patch: https://github.com/kamailio/kamailio/commit/a0b4e58b7b60372dbc6d4230313248cef6c05f1b.patch --- diff --git a/src/modules/carrierroute/cr_data.c b/src/modules/carrierroute/cr_data.c index d84fb07..98ad852 100644 --- a/src/modules/carrierroute/cr_data.c +++ b/src/modules/carrierroute/cr_data.c @@ -589,11 +589,13 @@ static int rule_fixup_recursor(struct dtrie_node_t *node) { if (rr->hash_index > rf->rule_num) { LM_ERR("too large hash index %i, max is %i\n", rr->hash_index, rf->rule_num); shm_free(rf->rules); + rf->rules = NULL; return -1; } if (rf->rules[rr->hash_index - 1]) { LM_ERR("duplicate hash index %i\n", rr->hash_index); shm_free(rf->rules); + rf->rules = NULL; return -1; } rf->rules[rr->hash_index - 1] = rr; diff --git a/src/modules/carrierroute/cr_rule.c b/src/modules/carrierroute/cr_rule.c index 5130b9e..143cedc 100644 --- a/src/modules/carrierroute/cr_rule.c +++ b/src/modules/carrierroute/cr_rule.c @@ -251,6 +251,7 @@ void destroy_route_flags(struct route_flags *rf) { if (rf->rules) { shm_free(rf->rules); + rf->rules = NULL; } rs = rf->rule_list; while (rs != NULL) { _______________________________________________ sr-dev mailing list sr-dev@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
