Browse code

core: cfg.len - sanitizer safety check of target buffer

(cherry picked from commit ef31c82ac3bd7972c2d02c893f8041af4664b717)

Daniel-Constantin Mierla authored on 05/04/2021 15:31:48
Showing 1 changed files
... ...
@@ -1436,7 +1436,7 @@ static char* addchar(struct str_buf* dst, char c)
1436 1436
 
1437 1437
 static char* addstr(struct str_buf* dst_b, char* src, int len)
1438 1438
 {
1439
-	char *tmp;
1439
+	char *tmp = NULL;
1440 1440
 	unsigned size;
1441 1441
 	unsigned used;
1442 1442
 
... ...
@@ -1455,6 +1455,10 @@ static char* addstr(struct str_buf* dst_b, char* src, int len)
1455 1455
 		dst_b->crt=dst_b->s+used;
1456 1456
 		dst_b->left=size-used;
1457 1457
 	}
1458
+	if(dst_b->crt==NULL) {
1459
+		LM_CRIT("unexpected null dst buffer\n");
1460
+		ksr_exit(-1);
1461
+	}
1458 1462
 	memcpy(dst_b->crt, src, len);
1459 1463
 	dst_b->crt+=len;
1460 1464
 	*(dst_b->crt)=0;