[sr-dev] git:5.7:ac118abd: topoh: memory leak fix for API call

Module: kamailio Branch: 5.7 Commit: ac118abdcb89e5e4ace524d9dbd27c0795f178d9 URL: https://github.com/kamailio/kamailio/commit/ac118abdcb89e5e4ace524d9dbd27c0… Author: harish <toharishs(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-05-17T10:00:02+02:00 topoh: memory leak fix for API call th_mask_callid_str & th_unmask_callid_str funtions used for API call to encode/decode call-ID uses static array declaration for callid_mbuf was unable to free callid data lump after use and leads to memory leak. when these futions was used through API call for topos memory leak bug as reported qm_free(): BUG: bad pointer 0x7faec4a7xxxx (out of memory block!) called from core: core/data_lump.c: free_lump(470) (cherry picked from commit 85b62cefa8d33bc736f1ab16e7c40646c903c812) --- Modified: src/modules/topoh/th_msg.c --- Diff: https://github.com/kamailio/kamailio/commit/ac118abdcb89e5e4ace524d9dbd27c0… Patch: https://github.com/kamailio/kamailio/commit/ac118abdcb89e5e4ace524d9dbd27c0… --- diff --git a/src/modules/topoh/th_msg.c b/src/modules/topoh/th_msg.c index 4762691845a..8698b7ab5d9 100644 --- a/src/modules/topoh/th_msg.c +++ b/src/modules/topoh/th_msg.c @@ -542,11 +542,8 @@ int th_unmask_callid(sip_msg_t *msg) return 0; } -#define TH_CALLID_SIZE 256 - int th_mask_callid_str(str *icallid, str *ocallid) { - static char th_callid_mbuf[TH_CALLID_SIZE]; str out; if(th_param_mask_callid==0) @@ -565,19 +562,9 @@ int th_mask_callid_str(str *icallid, str *ocallid) LM_ERR("cannot encode call-id\n"); return -1; } - - if(out.len>=TH_CALLID_SIZE) { - pkg_free(out.s); - LM_ERR("not enough callid buf size (needed %d)\n", out.len); - return -2; - } - - memcpy(th_callid_mbuf, out.s, out.len); - th_callid_mbuf[out.len] = '\0'; - - pkg_free(out.s); - - ocallid->s = th_callid_mbuf; + + out.s[out.len] = '\0'; + ocallid->s = out.s; ocallid->len = out.len; return 0; @@ -585,7 +572,7 @@ int th_mask_callid_str(str *icallid, str *ocallid) int th_unmask_callid_str(str *icallid, str *ocallid) { - static char th_callid_buf[TH_CALLID_SIZE]; + str out; if(th_param_mask_callid==0) @@ -610,18 +597,9 @@ int th_unmask_callid_str(str *icallid, str *ocallid) LM_ERR("failed to decode call-id\n"); return -2; } - if(out.len>=TH_CALLID_SIZE) { - pkg_free(out.s); - LM_ERR("not enough callid buf size (needed %d)\n", out.len); - return -2; - } - - memcpy(th_callid_buf, out.s, out.len); - th_callid_buf[out.len] = '\0'; - - pkg_free(out.s); - - ocallid->s = th_callid_buf; + + out.s[out.len] = '\0'; + ocallid->s = out.s; ocallid->len = out.len; return 0;