Module: sip-router
Branch: kamailio_3.0
Commit: 12894357413fe9fc91fc115d28d7fd523c1955f6
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=1289435…
Author: Marius Zbihlei <marius.zbihlei(a)1and1.ro>
Committer: Marius Zbihlei <marius.zbihlei(a)1and1.ro>
Date: Fri Jul 23 11:32:25 2010 +0300
modules_k/pv : Fixed a bug in pv transformation (tobody transformation), that caused a
segmentation fault.
The bug was caused by a incorrect error handling of the parse_to() method (defined in
parser/parse_to.c).
The function returns a char* (pointer to the last character parsed), in case of error it
updates an error status.
On incorrect to params, a segmentation fault happened after some time.(Because of a double
pkg_free).
(cherry picked from commit e7096bf24310b71623520a3b963ddc50c111827c)
---
modules_k/pv/pv_trans.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/modules_k/pv/pv_trans.c b/modules_k/pv/pv_trans.c
index d9120de..f8e7347 100644
--- a/modules_k/pv/pv_trans.c
+++ b/modules_k/pv/pv_trans.c
@@ -950,7 +950,8 @@ int tr_eval_tobody(struct sip_msg *msg, tr_param_t *tp, int subtype,
/* parse params */
sv = _tr_tobody_str;
- if (parse_to(sv.s, sv.s + sv.len + 2, &_tr_tobody)<0)
+ parse_to(sv.s, sv.s + sv.len + 2, &_tr_tobody);
+ if (_tr_tobody.error == PARSE_ERROR)
{
memset(&_tr_tobody, 0, sizeof(struct to_body));
pkg_free(_tr_tobody_str.s);