git:5.3:35cd520b: auth: safety check for auth header pointer in pv_auth_check() - sr-dev

25 Feb 2020

Module: kamailio
Branch: 5.3
Commit: 35cd520bfe29d63555aebf64717f602948773280
URL: https://github.com/kamailio/kamailio/commit/35cd520bfe29d63555aebf64717f6029...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2020-02-25T08:41:01+01:00
auth: safety check for auth header pointer in pv_auth_check()
(cherry picked from commit ea2ea2f8274eda9d8d7055b22fab8910cd773a19)
---
Modified: src/modules/auth/auth_mod.c
---
Diff:  https://github.com/kamailio/kamailio/commit/35cd520bfe29d63555aebf64717f6029...
Patch: https://github.com/kamailio/kamailio/commit/35cd520bfe29d63555aebf64717f6029...
---

diff --git a/src/modules/auth/auth_mod.c b/src/modules/auth/auth_mod.c
index b77be70b76..f9b7097c14 100644
--- a/src/modules/auth/auth_mod.c
+++ b/src/modules/auth/auth_mod.c
@@ -744,6 +744,13 @@ static int pv_auth_check(sip_msg_t *msg, str *srealm, str *spasswd, int vflags,
if(ret==AUTH_OK && (vchecks&AUTH_CHECK_ID_F)) {
    	hdr = (msg->proxy_auth==0)?msg->authorization:msg->proxy_auth;
+		if(hdr==NULL) {
+			if (msg->REQ_METHOD & (METHOD_ACK|METHOD_CANCEL|METHOD_PRACK)) {
+				return AUTH_OK;
+			} else {
+				return AUTH_ERROR;
+			}
+		}
    	suser = ((auth_body_t*)(hdr->parsed))->digest.username.user;
if((furi=parse_from_uri(msg))==NULL)

    