fixes crash when From header URI is missing "sip:"

(closes issue #17437)
Reported by: klaus3000
Patches:
      sip_crash uploaded by dvossel (license 671)
Tested by: klaus3000

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@271553 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 5e9d2d2..63f9151 100644 (file)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -14445,8 +14445,8 @@ static enum check_auth_result check_user_full(struct sip_pvt *p, struct sip_requ
                                              struct sockaddr_in *sin, struct sip_peer **authpeer)
 {
        char from[256] = { 0, };
-       char *dummy;    /* dummy return value for parse_uri */
-       char *domain;   /* dummy return value for parse_uri */
+       char *dummy = NULL;     /* dummy return value for parse_uri */
+       char *domain = NULL;    /* dummy return value for parse_uri */
        char *of;
        enum check_auth_result res = AUTH_DONT_KNOW;
        char calleridname[50];

diff --git a/channels/sip/reqresp_parser.c b/channels/sip/reqresp_parser.c
index d589bec..446e963 100644 (file)
--- a/channels/sip/reqresp_parser.c
+++ b/channels/sip/reqresp_parser.c
@@ -759,6 +759,11 @@ const char *get_calleridname(const char *input, char *output, size_t outputsize)
                        }
                }
 
+               if (*input != '<') {   /* if we never found the start of addr-spec then this is invalid */
+                       *orig_output = '\0';
+                       return orig_input;
+               }
+
                /* set NULL while trimming trailing whitespace */
                do {
                        *output-- = '\0';
@@ -776,6 +781,7 @@ AST_TEST_DEFINE(get_calleridname_test)
        const char *overflow1 = " \"quoted-text overflow 1234567890123456789012345678901234567890\" <stuff>";
        const char *noendquote = " \"quoted-text no end <stuff>";
        const char *addrspec = " \"sip:blah@blah <stuff>";
+       const char *no_quotes_no_brackets = "blah@blah";
        const char *after_dname;
        char dname[40];
 
@@ -830,6 +836,15 @@ AST_TEST_DEFINE(get_calleridname_test)
                res = AST_TEST_FAIL;
        }
 
+       /* no quotes, no brackets */
+       after_dname = get_calleridname(no_quotes_no_brackets, dname, sizeof(dname));
+       ast_test_status_update(test, "no_quotes_no_brackets display-name1: %s\nafter: %s\n", dname, after_dname);
+       if (*dname != '\0' && after_dname != no_quotes_no_brackets) {
+               ast_test_status_update(test, "detection of addr-spec failed\n");
+               res = AST_TEST_FAIL;
+       }
+
+
        return res;
 }
 
@@ -1065,6 +1080,7 @@ AST_TEST_DEFINE(get_in_brackets_test)
        char missing_end_quote[] = "\"I'm a quote string <sip:name:secret@host:port;transport=tcp?headers=testblah&headers2=blahblah>";
        char name_no_quotes[] = "name not in quotes <sip:name:secret@host:port;transport=tcp?headers=testblah&headers2=blahblah>";
        char no_end_bracket[] = "name not in quotes <sip:name:secret@host:port;transport=tcp?headers=testblah&headers2=blahblah";
+       char no_name_no_brackets[] = "sip:name@host";
        char *uri = NULL;
 
        switch (cmd) {
@@ -1122,6 +1138,12 @@ AST_TEST_DEFINE(get_in_brackets_test)
                res = AST_TEST_FAIL;
        }
 
+       /* Test 7, no name, and no brackets. */
+       if (!(uri = get_in_brackets(no_name_no_brackets)) || (strcmp(uri, "sip:name@host"))) {
+
+               ast_test_status_update(test, "Test 7 failed. %s\n", uri);
+               res = AST_TEST_FAIL;
+       }
 
        return res;
 }