[sr-dev] git:4.3:4602f2dc: auth_db: use username when querying for credentials via is_subscriber

Module: kamailio Branch: 4.3 Commit: 4602f2dc430b97b6e76ae5da9ebf7f2a7984a48c URL: https://github.com/kamailio/kamailio/commit/4602f2dc430b97b6e76ae5da9ebf7f2… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2016-02-07T20:24:42+01:00 auth_db: use username when querying for credentials via is_subscriber - for the case when credentials should not be stored, just discover if a record exists for the user - avoids buffer overflow by setting all credentials columns, while trying to use only the first column - reported by Anthony Messina, GH #500 (cherry picked from commit adbbe8b62d6b4b95e5ecbab041b93bb3130f1932) --- Modified: modules/auth_db/authorize.c --- Diff: https://github.com/kamailio/kamailio/commit/4602f2dc430b97b6e76ae5da9ebf7f2… Patch: https://github.com/kamailio/kamailio/commit/4602f2dc430b97b6e76ae5da9ebf7f2… --- diff --git a/modules/auth_db/authorize.c b/modules/auth_db/authorize.c index c307326..9174894 100644 --- a/modules/auth_db/authorize.c +++ b/modules/auth_db/authorize.c @@ -62,13 +62,16 @@ int fetch_credentials(sip_msg_t *msg, str *user, str* domain, str *table, int fl LM_ERR("no more pkg memory\n"); return -1; } - col[0] = &user_column; keys[0] = &user_column; keys[1] = &domain_column; - for (n = 0, cred=credentials; cred ; n++, cred=cred->next) { - col[n] = &cred->text; + if(flags&AUTH_DB_SUBS_SKIP_CREDENTIALS) { + col[0] = &user_column; + } else { + for (n = 0, cred=credentials; cred ; n++, cred=cred->next) { + col[n] = &cred->text; + } } VAL_TYPE(vals) = VAL_TYPE(vals + 1) = DB1_STR;