21 Mar
2019
21 Mar
'19
3:51 p.m.
Module: kamailio
Branch: master
Commit: 00ce103d24fcfca75ffc2ec4f3ea897fd516e61d
URL: https://github.com/kamailio/kamailio/commit/00ce103d24fcfca75ffc2ec4f3ea897…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: 2019-03-21T13:48:25+01:00
usrloc: safety checks for query result in db rpc functions
- GH #1900
---
Modified: src/modules/usrloc/ul_rpc.c
---
Diff:
https://github.com/kamailio/kamailio/commit/00ce103d24fcfca75ffc2ec4f3ea897…
Patch:
https://github.com/kamailio/kamailio/commit/00ce103d24fcfca75ffc2ec4f3ea897…
---
diff --git a/src/modules/usrloc/ul_rpc.c b/src/modules/usrloc/ul_rpc.c
index 53031799ac..3afad823d9 100644
--- a/src/modules/usrloc/ul_rpc.c
+++ b/src/modules/usrloc/ul_rpc.c
@@ -733,8 +733,8 @@ static void ul_rpc_db_users(rpc_t* rpc, void* ctx)
str table = {0, 0};
char query[QUERY_LEN];
str query_str;
- db1_res_t* res;
- int count;
+ db1_res_t* res = NULL;
+ int count = 0;
if (db_mode == NO_DB) {
rpc->fault(ctx, 500, "Command is not supported in db_mode=0");
@@ -767,12 +767,13 @@ static void ul_rpc_db_users(rpc_t* rpc, void* ctx)
domain_col.len, domain_col.s,
table.len, table.s);
query_str.s = query;
- if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0) {
+ if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0 || res==NULL) {
rpc->fault(ctx, 500, "Failed to query AoR count");
return;
}
-
- count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+ if (RES_ROW_N(res) > 0) {
+ count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+ }
ul_dbf.free_result(ul_dbh, res);
rpc->add(ctx, "d", count);
@@ -788,8 +789,8 @@ static void ul_rpc_db_contacts(rpc_t* rpc, void* ctx)
str table = {0, 0};
char query[QUERY_LEN];
str query_str;
- db1_res_t* res;
- int count;
+ db1_res_t* res = NULL;
+ int count = 0;
if (db_mode == NO_DB) {
rpc->fault(ctx, 500, "Command is not supported in db_mode=0");
@@ -819,12 +820,14 @@ static void ul_rpc_db_contacts(rpc_t* rpc, void* ctx)
query_str.len = snprintf(query, QUERY_LEN, "SELECT COUNT(*) FROM %.*s WHERE
(UNIX_TIMESTAMP(expires) = 0) OR (expires > NOW())",
table.len, table.s);
query_str.s = query;
- if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0) {
+ if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0 || res==NULL) {
rpc->fault(ctx, 500, "Failed to query contact count");
return;
}
- count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+ if (RES_ROW_N(res) > 0) {
+ count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+ }
ul_dbf.free_result(ul_dbh, res);
rpc->add(ctx, "d", count);
@@ -840,8 +843,8 @@ static void ul_rpc_db_expired_contacts(rpc_t* rpc, void* ctx)
str table = {0, 0};
char query[QUERY_LEN];
str query_str;
- db1_res_t* res;
- int count;
+ db1_res_t* res = NULL;
+ int count = 0;
if (db_mode == NO_DB) {
rpc->fault(ctx, 500, "Command is not supported in db_mode=0");
@@ -871,12 +874,14 @@ static void ul_rpc_db_expired_contacts(rpc_t* rpc, void* ctx)
query_str.len = snprintf(query, QUERY_LEN, "SELECT COUNT(*) FROM %.*s WHERE
(UNIX_TIMESTAMP(expires) > 0) AND (expires <= NOW())",
table.len, table.s);
query_str.s = query;
- if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0) {
+ if (ul_dbf.raw_query(ul_dbh, &query_str, &res) < 0 || res==NULL) {
rpc->fault(ctx, 500, "Failed to query contact count");
return;
}
- count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+ if (RES_ROW_N(res) > 0) {
+ count = (int)VAL_INT(ROW_VALUES(RES_ROWS(res)));
+ }
ul_dbf.free_result(ul_dbh, res);
rpc->add(ctx, "d", count);