Browse code

core: safety checks on proto variable for dsn resolving

- avoid crashes if functions used inadequately with a null pointer

(cherry picked from commit aff1dcd3dc63c0fe124fc138d553da0723c615a8)
(cherry picked from commit 813b25663adbaae1c4f5ea2731c1fe16cad756e2)

Daniel-Constantin Mierla authored on 22/12/2014 20:41:53
Showing 2 changed files
... ...
@@ -2817,7 +2817,11 @@ struct hostent* dns_naptr_sip_resolvehost(str* name, unsigned short* port,
2817 2817
 	char origproto;
2818 2818
 	str srv_name;
2819 2819
 
2820
-	origproto=*proto;
2820
+	if(proto) {
2821
+		origproto=*proto;
2822
+	} else {
2823
+		origproto=PROTO_NONE;
2824
+	}
2821 2825
 	he=0;
2822 2826
 	if (dns_hash==0){ /* not init => use normal, non-cached version */
2823 2827
 		LOG(L_WARN, "WARNING: dns_sip_resolvehost: called before dns cache"
... ...
@@ -2858,7 +2862,7 @@ struct hostent* dns_naptr_sip_resolvehost(str* name, unsigned short* port,
2858 2862
 		dns_hash_put(e);
2859 2863
 	}
2860 2864
 naptr_not_found:
2861
-	*proto = origproto;
2865
+	if(proto) *proto = origproto;
2862 2866
 	he = no_naptr_srv_sip_resolvehost(name,port,proto);
2863 2867
 	/* fallback all the way down to A/AAAA */
2864 2868
 	if (he==0) {
... ...
@@ -196,6 +196,7 @@ static int check_via_address(struct ip_addr* ip, str *name,
196 196
 	int i;
197 197
 	char* s;
198 198
 	int len;
199
+	char lproto;
199 200
 
200 201
 	/* maybe we are lucky and name it's an ip */
201 202
 	s=ip_addr2a(ip);
... ...
@@ -228,7 +229,8 @@ static int check_via_address(struct ip_addr* ip, str *name,
228 229
 	if (resolver&DO_DNS){
229 230
 		DBG("check_via_address: doing dns lookup\n");
230 231
 		/* try all names ips */
231
-		he=sip_resolvehost(name, &port, 0); /* don't use naptr */
232
+		lproto = PROTO_NONE;
233
+		he=sip_resolvehost(name, &port, &lproto); /* don't use naptr */
232 234
 		if (he && ip->af==he->h_addrtype){
233 235
 			for(i=0;he && he->h_addr_list[i];i++){
234 236
 				if ( memcmp(&he->h_addr_list[i], ip->u.addr, ip->len)==0)