Browse code

core: cfg.len - sanitizer safety check of target buffer

Daniel-Constantin Mierla authored on 05/04/2021 15:31:48
Showing 1 changed files
... ...
@@ -1593,7 +1593,7 @@ static char* addchar(struct str_buf* dst, char c)
1593 1593
 
1594 1594
 static char* addstr(struct str_buf* dst_b, char* src, int len)
1595 1595
 {
1596
-	char *tmp;
1596
+	char *tmp = NULL;
1597 1597
 	unsigned size;
1598 1598
 	unsigned used;
1599 1599
 
... ...
@@ -1612,6 +1612,10 @@ static char* addstr(struct str_buf* dst_b, char* src, int len)
1612 1612
 		dst_b->crt=dst_b->s+used;
1613 1613
 		dst_b->left=size-used;
1614 1614
 	}
1615
+	if(dst_b->crt==NULL) {
1616
+		LM_CRIT("unexpected null dst buffer\n");
1617
+		ksr_exit(-1);
1618
+	}
1615 1619
 	memcpy(dst_b->crt, src, len);
1616 1620
 	dst_b->crt+=len;
1617 1621
 	*(dst_b->crt)=0;