Browse code

core: NULL checks for ut.h

Add some NULL checks for shm/pkg dup functions and few others.

Stefan Mititelu authored on 18/11/2015 10:21:19
Showing 1 changed files
... ...
@@ -170,8 +170,7 @@ static char fourbits2char[16] = { '0', '1', '2', '3', '4', '5',
170 170
 /* converts a str to an u. short, returns the u. short and sets *err on
171 171
  * error and if err!=null
172 172
   */
173
-static inline unsigned short str2s(const char* s, unsigned int len,
174
-									int *err)
173
+static inline unsigned short str2s(const char* s, unsigned int len, int *err)
175 174
 {
176 175
 	unsigned short ret;
177 176
 	int i;
... ...
@@ -619,6 +618,10 @@ static inline void strlower(str* _s)
619 619
 {
620 620
 	int i;
621 621
 
622
+	if (_s == NULL) return ;
623
+	if (_s->len < 0) return ;
624
+	if (_s->s == NULL) return ;
625
+
622 626
 	for(i = 0; i < _s->len; i++) {
623 627
 		_s->s[i] = tolower(_s->s[i]);
624 628
 	}
... ...
@@ -631,7 +634,12 @@ static inline void strlower(str* _s)
631 631
 static inline int str2int(str* _s, unsigned int* _r)
632 632
 {
633 633
 	int i;
634
-	
634
+
635
+	if (_s == NULL) return -1;
636
+	if (_r == NULL) return -1;
637
+	if (_s->len < 0) return -1;
638
+	if (_s->s == NULL) return -1;
639
+
635 640
 	*_r = 0;
636 641
 	for(i = 0; i < _s->len; i++) {
637 642
 		if ((_s->s[i] >= '0') && (_s->s[i] <= '9')) {
... ...
@@ -641,7 +649,7 @@ static inline int str2int(str* _s, unsigned int* _r)
641 641
 			return -1;
642 642
 		}
643 643
 	}
644
-	
644
+
645 645
 	return 0;
646 646
 }
647 647
 
... ...
@@ -653,7 +661,10 @@ static inline int str2sint(str* _s, int* _r)
653 653
 	int i;
654 654
 	int sign;
655 655
 
656
-	if (_s->len == 0) return -1;
656
+	if (_s == NULL) return -1;
657
+	if (_r == NULL) return -1;
658
+	if (_s->len < 0) return -1;
659
+	if (_s->s == NULL) return -1;
657 660
 
658 661
 	*_r = 0;
659 662
 	sign = 1;
... ...
@@ -688,14 +699,41 @@ static inline int str2sint(str* _s, int* _r)
688 688
  */
689 689
 static inline int shm_str_dup(str* dst, const str* src)
690 690
 {
691
-	dst->s = (char*)shm_malloc(src->len);
692
-	if (!dst->s) {
691
+	/* NULL checks */
692
+	if (dst == NULL || src == NULL) {
693
+		LM_ERR("NULL src or dst\n");
694
+		return -1;
695
+	}
696
+
697
+	/**
698
+	 * fallback actions:
699
+	 * 	- dst->len=0
700
+	 * 	- dst->s is allocated sizeof(void*) size
701
+	 * 	- return 0 (i.e. success)
702
+	 */
703
+
704
+	/* fallback checks */
705
+	if (src->len < 0 || src->s == NULL) {
706
+		LM_WARN("shm_str_dup fallback; dup called for src->s == NULL or src->len < 0\n");
707
+		dst->len = 0;
708
+	} else {
709
+		dst->len = src->len;
710
+	}
711
+
712
+	dst->s = (char*)shm_malloc(dst->len);
713
+	if (dst->s == NULL) {
693 714
 		SHM_MEM_ERROR;
694 715
 		return -1;
695 716
 	}
696 717
 
697
-	memcpy(dst->s, src->s, src->len);
698
-	dst->len = src->len;
718
+	/* avoid memcpy from NULL source - undefined behaviour */
719
+	if (src->s == NULL) {
720
+		LM_WARN("shm_str_dup fallback; skip memcpy for src->s == NULL\n");
721
+		return 0;
722
+	}
723
+
724
+	memcpy(dst->s, src->s, dst->len);
725
+
699 726
 	return 0;
700 727
 }
701 728
 #endif /* SHM_MEM */
... ...
@@ -710,15 +748,41 @@ static inline int shm_str_dup(str* dst, const str* src)
710 710
  */
711 711
 static inline int pkg_str_dup(str* dst, const str* src)
712 712
 {
713
-	dst->s = (char*)pkg_malloc(src->len);
714
-	if (dst->s==NULL)
715
-	{
716
-		PKG_MEM_ERROR;
713
+	/* NULL checks */
714
+	if (dst == NULL || src == NULL) {
715
+		LM_ERR("NULL src or dst\n");
716
+		return -1;
717
+	}
718
+
719
+	/**
720
+	 * fallback actions:
721
+	 * 	- dst->len=0
722
+	 * 	- dst->s is allocated sizeof(void*) size
723
+	 * 	- return 0 (i.e. success)
724
+	 */
725
+
726
+	/* fallback checks */
727
+	if (src->len < 0 || src->s == NULL) {
728
+		LM_WARN("pkg_str_dup fallback; dup called for src->s == NULL or src->len < 0\n");
729
+		dst->len = 0;
730
+	} else {
731
+		dst->len = src->len;
732
+	}
733
+
734
+	dst->s = (char*)pkg_malloc(dst->len);
735
+	if (dst->s == NULL) {
736
+		SHM_MEM_ERROR;
717 737
 		return -1;
718 738
 	}
719 739
 
720
-	memcpy(dst->s, src->s, src->len);
721
-	dst->len = src->len;
740
+	/* avoid memcpy from NULL source - undefined behaviour */
741
+	if (src->s == NULL) {
742
+		LM_WARN("pkg_str_dup fallback; skip memcpy for src->s == NULL\n");
743
+		return 0;
744
+	}
745
+
746
+	memcpy(dst->s, src->s, dst->len);
747
+
722 748
 	return 0;
723 749
 }
724 750