Browse code

auth: safety check for auth header pointer in pv_auth_check()

Daniel-Constantin Mierla authored on 24/02/2020 19:27:14
Showing 1 changed files
... ...
@@ -744,6 +744,13 @@ static int pv_auth_check(sip_msg_t *msg, str *srealm, str *spasswd, int vflags,
744 744
 
745 745
 	if(ret==AUTH_OK && (vchecks&AUTH_CHECK_ID_F)) {
746 746
 		hdr = (msg->proxy_auth==0)?msg->authorization:msg->proxy_auth;
747
+		if(hdr==NULL) {
748
+			if (msg->REQ_METHOD & (METHOD_ACK|METHOD_CANCEL|METHOD_PRACK)) {
749
+				return AUTH_OK;
750
+			} else {
751
+				return AUTH_ERROR;
752
+			}
753
+		}
747 754
 		suser = ((auth_body_t*)(hdr->parsed))->digest.username.user;
748 755
 
749 756
 		if((furi=parse_from_uri(msg))==NULL)