
core: NULL checks for ut.h

Add some NULL checks for the shm/pkg dup functions and a few others.

(cherry-picked from commit 24999a5dbf7d986942479c0670158748c263a3cd)

Stefan Mititelu authored on 18/11/2015 10:21:19
Showing 1 changed files
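--- a/ut.h
+++ b/ut.h
@@ -189,8 +189,7 @@ static char fourbits2char[16] = { '0', '1', '2', '3', '4', '5',
 /* converts a str to an u. short, returns the u. short and sets *err on
  * error and if err!=null
   */
-static inline unsigned short str2s(const char* s, unsigned int len,
-									int *err)
+static inline unsigned short str2s(const char* s, unsigned int len, int *err)
 {
 	unsigned short ret;
 	int i;
@@ -638,6 +637,10 @@ static inline void strlower(str* _s)
 {
 	int i;
 
+	if (_s == NULL) return ;
+	if (_s->len < 0) return ;
+	if (_s->s == NULL) return ;
+
 	for(i = 0; i < _s->len; i++) {
 		_s->s[i] = tolower(_s->s[i]);
 	}
@@ -650,7 +653,12 @@ static inline void strlower(str* _s)
 static inline int str2int(str* _s, unsigned int* _r)
 {
 	int i;
-	
+
+	if (_s == NULL) return -1;
+	if (_r == NULL) return -1;
+	if (_s->len < 0) return -1;
+	if (_s->s == NULL) return -1;
+
 	*_r = 0;
 	for(i = 0; i < _s->len; i++) {
 		if ((_s->s[i] >= '0') && (_s->s[i] <= '9')) {
@@ -660,7 +668,7 @@ static inline int str2int(str* _s, unsigned int* _r)
 			return -1;
 		}
 	}
-	
+
 	return 0;
 }
 
@@ -672,7 +680,10 @@ static inline int str2sint(str* _s, int* _r)
 	int i;
 	int sign;
 
-	if (_s->len == 0) return -1;
+	if (_s == NULL) return -1;
+	if (_r == NULL) return -1;
+	if (_s->len < 0) return -1;
+	if (_s->s == NULL) return -1;
 
 	*_r = 0;
 	sign = 1;
@@ -707,14 +718,41 @@ static inline int str2sint(str* _s, int* _r)
  */
 static inline int shm_str_dup(str* dst, const str* src)
 {
-	dst->s = (char*)shm_malloc(src->len);
-	if (!dst->s) {
+	/* NULL checks */
+	if (dst == NULL || src == NULL) {
+		LM_ERR("NULL src or dst\n");
+		return -1;
+	}
+
+	/**
+	 * fallback actions:
+	 * 	- dst->len=0
+	 * 	- dst->s is allocated sizeof(void*) size
+	 * 	- return 0 (i.e. success)
+	 */
+
+	/* fallback checks */
+	if (src->len < 0 || src->s == NULL) {
+		LM_WARN("shm_str_dup fallback; dup called for src->s == NULL or src->len < 0\n");
+		dst->len = 0;
+	} else {
+		dst->len = src->len;
+	}
+
+	dst->s = (char*)shm_malloc(dst->len);
+	if (dst->s == NULL) {
 		SHM_MEM_ERROR;
 		return -1;
 	}
 
-	memcpy(dst->s, src->s, src->len);
-	dst->len = src->len;
+	/* avoid memcpy from NULL source - undefined behaviour */
+	if (src->s == NULL) {
+		LM_WARN("shm_str_dup fallback; skip memcpy for src->s == NULL\n");
+		return 0;
+	}
+
+	memcpy(dst->s, src->s, dst->len);
+
 	return 0;
 }
 #endif /* SHM_MEM */
@@ -729,15 +767,41 @@ static inline int shm_str_dup(str* dst, const str* src)
  */
 static inline int pkg_str_dup(str* dst, const str* src)
 {
-	dst->s = (char*)pkg_malloc(src->len);
-	if (dst->s==NULL)
-	{
+	/* NULL checks */
+	if (dst == NULL || src == NULL) {
+		LM_ERR("NULL src or dst\n");
+		return -1;
+	}
+
+	/**
+	 * fallback actions:
+	 * 	- dst->len=0
+	 * 	- dst->s is allocated sizeof(void*) size
+	 * 	- return 0 (i.e. success)
+	 */
+
+	/* fallback checks */
+	if (src->len < 0 || src->s == NULL) {
+		LM_WARN("pkg_str_dup fallback; dup called for src->s == NULL or src->len < 0\n");
+		dst->len = 0;
+	} else {
+		dst->len = src->len;
+	}
+
+	dst->s = (char*)pkg_malloc(dst->len);
+	if (dst->s == NULL) {
 		PKG_MEM_ERROR;
 		return -1;
 	}
 
-	memcpy(dst->s, src->s, src->len);
-	dst->len = src->len;
+	/* avoid memcpy from NULL source - undefined behaviour */
+	if (src->s == NULL) {
+		LM_WARN("pkg_str_dup fallback; skip memcpy for src->s == NULL\n");
+		return 0;
+	}
+
+	memcpy(dst->s, src->s, dst->len);
+
 	return 0;
 }
 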
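Review bot: In the str2sint hunk the new guard `if (_s->len < 0) return -1;` replaces `if (_s->len == 0) return -1;`, so an empty string is no longer rejected. The rest of the function lies outside the hunk; if it inspects `_s->s[0]` for a sign character, as the `sign` local suggests, a zero-length input would now be read one byte past its end, and in any case an empty string would be reported as a successful parse of 0. Writing the guard as `if (_s->len <= 0) return -1;` keeps the old rejection while adding the negative-length check. Separately, in shm_str_dup and pkg_str_dup the fallback comment says dst->s is allocated with sizeof(void*) bytes, but the code passes `dst->len`, which is 0 on that path, to the allocator; whether a zero-size request yields a usable pointer or NULL depends on the allocator, so the comment and its "return 0 (i.e. success)" promise should be checked against it.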