[sr-dev] git:master:ea2ea2f8: auth: safety check for auth header pointer in pv_auth_check()

Module: kamailio Branch: master Commit: ea2ea2f8274eda9d8d7055b22fab8910cd773a19 URL: https://github.com/kamailio/kamailio/commit/ea2ea2f8274eda9d8d7055b22fab891… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2020-02-24T20:27:14+01:00 auth: safety check for auth header pointer in pv_auth_check() --- Modified: src/modules/auth/auth_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/ea2ea2f8274eda9d8d7055b22fab891… Patch: https://github.com/kamailio/kamailio/commit/ea2ea2f8274eda9d8d7055b22fab891… --- diff --git a/src/modules/auth/auth_mod.c b/src/modules/auth/auth_mod.c index b77be70b76..f9b7097c14 100644 --- a/src/modules/auth/auth_mod.c +++ b/src/modules/auth/auth_mod.c @@ -744,6 +744,13 @@ static int pv_auth_check(sip_msg_t *msg, str *srealm, str *spasswd, int vflags, if(ret==AUTH_OK && (vchecks&AUTH_CHECK_ID_F)) { hdr = (msg->proxy_auth==0)?msg->authorization:msg->proxy_auth; + if(hdr==NULL) { + if (msg->REQ_METHOD & (METHOD_ACK|METHOD_CANCEL|METHOD_PRACK)) { + return AUTH_OK; + } else { + return AUTH_ERROR; + } + } suser = ((auth_body_t*)(hdr->parsed))->digest.username.user; if((furi=parse_from_uri(msg))==NULL)