git:5.6:6796e7fa: lib/ims: check return of strtok(...) - sr-dev

24 Feb 2023

Module: kamailio
Branch: 5.6
Commit: 6796e7faeef7c0af9805b07e4f29c6924d8f3edc
URL: https://github.com/kamailio/kamailio/commit/6796e7faeef7c0af9805b07e4f29c692...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2023-02-24T13:53:21+01:00
lib/ims: check return of strtok(...)
(cherry picked from commit 63095ef1bef36a35952ed265f41d87ccbc1bba70)
---
Modified: src/lib/ims/ims_getters.c
---
Diff:  https://github.com/kamailio/kamailio/commit/6796e7faeef7c0af9805b07e4f29c692...
Patch: https://github.com/kamailio/kamailio/commit/6796e7faeef7c0af9805b07e4f29c692...
---

diff --git a/src/lib/ims/ims_getters.c b/src/lib/ims/ims_getters.c
index 26fdbb8c418..56816be422f 100644
--- a/src/lib/ims/ims_getters.c
+++ b/src/lib/ims/ims_getters.c
@@ -1247,12 +1247,13 @@ int cscf_get_p_charging_vector(struct sip_msg *msg, str * icid, str * orig_ioi,
    LM_DBG("p_charging_vector body is %.*s\n", header_body.len, header_body.s);
p = strtok(header_body.s, " ;:\r\t\n"=");
-	loop: if (p > (header_body.s + header_body.len))
+loop:
+	if (p == NULL || p > (header_body.s + header_body.len))
    	return 1;
if (strncmp(p, "icid-value", 10) == 0) {
    	p = strtok(NULL, " ;:\r\t\n"=");
-		if (p > (header_body.s + header_body.len)) {
+		if (p == NULL || p > (header_body.s + header_body.len)) {
    		LM_ERR("cscf_get_p_charging_vector: no value for icid\n");
    		return 0;
    	}
@@ -1272,7 +1273,7 @@ int cscf_get_p_charging_vector(struct sip_msg *msg, str * icid, str * orig_ioi,
    } else if (strncmp(p, "orig-ioi", 8) == 0) {
p = strtok(NULL, " ;:\r\t\n"=");
-		if (p > (header_body.s + header_body.len)) {
+		if (p == NULL || p > (header_body.s + header_body.len)) {
    		LM_ERR("cscf_get_p_charging_vector: no value for icid\n");
    		return 0;
    	}
@@ -1292,7 +1293,7 @@ int cscf_get_p_charging_vector(struct sip_msg *msg, str * icid, str * orig_ioi,
    } else if (strncmp(p, "term-ioi", 8) == 0) {
p = strtok(NULL, " ;:\r\t\n"=");
-		if (p > (header_body.s + header_body.len)) {
+		if (p == NULL || p > (header_body.s + header_body.len)) {
    		LM_ERR("cscf_get_p_charging_vector: no value for icid\n");
    		return 0;
    	}
@@ -1314,7 +1315,7 @@ int cscf_get_p_charging_vector(struct sip_msg *msg, str * icid, str * orig_ioi,
    LM_DBG("end\n");
    str_free(header_body, pkg);
    return 1;
-	out_of_memory:
+out_of_memory:
    PKG_MEM_ERROR;
    return 0;
 }

    