[svn-commits] rmudgett: trunk r433200 - in /trunk: ./ main/ res/

[SVN commits to the Digium repositories]

Author: rmudgett
Date: Fri Mar 20 13:27:22 2015
New Revision: 433200

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=433200
Log:
res_pjsip_sdp_rtp,sorcery: Fix invalid access and memory leak respectively.

Valgrind found a memory leak and invalid access.

* Fix invalid access by sscanf() being fed a non-nul terminated string of
digits in res/res_pjsip_sdp_rtp.c:get_codecs().

* Fix memory leak in main/sorcery.c:sorcery_object_field_destructor().

* Fix potential NULL pointer dereference in
main/xmldoc.c:xmldoc_get_syntax_config_option().

Review: https://reviewboard.asterisk.org/r/4513/
........

Merged revisions 433199 from http://svn.asterisk.org/svn/asterisk/branches/13

Modified:
    trunk/   (props changed)
    trunk/main/sorcery.c
    trunk/main/xmldoc.c
    trunk/res/res_pjsip_sdp_rtp.c

Propchange: trunk/
------------------------------------------------------------------------------
Binary property 'branch-13-merged' - no diff available.

Modified: trunk/main/sorcery.c
URL: 
http://svnview.digium.com/svn/asterisk/trunk/main/sorcery.c?view=diff&rev=433200&r1=433199&r2=433200
==============================================================================
--- trunk/main/sorcery.c (original)
+++ trunk/main/sorcery.c Fri Mar 20 13:27:22 2015
@@ -1078,6 +1078,7 @@
 
        if (object_field->name_regex) {
                regfree(object_field->name_regex);
+               ast_free(object_field->name_regex);
        }
 }
 

Modified: trunk/main/xmldoc.c
URL: 
http://svnview.digium.com/svn/asterisk/trunk/main/xmldoc.c?view=diff&rev=433200&r1=433199&r2=433200
==============================================================================
--- trunk/main/xmldoc.c (original)
+++ trunk/main/xmldoc.c Fri Mar 20 13:27:22 2015
@@ -1239,7 +1239,7 @@
        regex = ast_xml_get_attribute(fixnode, "regex");
        ast_str_set(&syntax, 0, "%s = [%s] (Default: %s) (Regex: %s)\n",
                name,
-               type,
+               type ?: "",
                default_value ?: "n/a",
                regex ?: "False");
 

Modified: trunk/res/res_pjsip_sdp_rtp.c
URL: 
http://svnview.digium.com/svn/asterisk/trunk/res/res_pjsip_sdp_rtp.c?view=diff&rev=433200&r1=433199&r2=433200
==============================================================================
--- trunk/res/res_pjsip_sdp_rtp.c (original)
+++ trunk/res/res_pjsip_sdp_rtp.c Fri Mar 20 13:27:22 2015
@@ -180,7 +180,11 @@
                }
 
                if ((pjmedia_sdp_attr_get_fmtp(attr, &fmtp)) == PJ_SUCCESS) {
-                       sscanf(pj_strbuf(&fmtp.fmt), "%d", &num);
+                       ast_copy_pj_str(fmt_param, &fmtp.fmt, 
sizeof(fmt_param));
+                       if (sscanf(fmt_param, "%30d", &num) != 1) {
+                               continue;
+                       }
+
                        if ((format = ast_rtp_codecs_get_payload_format(codecs, 
num))) {
                                struct ast_format *format_parsed;
 


-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

svn-commits mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/svn-commits