Initialize variables before calling parse_uri

If parse_uri was called with an empty URI, some pointers would be modified and an invalid read could result. This patch avoids calling parse_uri with an empty contact uri when parsing REGISTER requests. AST-2011-012 (closes issue ASTERISK-18668) ........ Merged revisions 341189 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 341190 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@341191 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2025-10-26 14:27:14 +00:00 · 2011-10-17 17:38:53 +00:00
parent ca0f2acab7
commit 9f83c2b513
1 changed files with 2 additions and 2 deletions
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -13820,7 +13820,7 @@ static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, st
 	char data[SIPBUFSIZE];
 	const char *expires = sip_get_header(req, "Expires");
 	int expire = atoi(expires);
-	char *curi, *domain, *transport;
+	char *curi = NULL, *domain = NULL, *transport = NULL;
 	int transport_type;
 	const char *useragent;
 	struct ast_sockaddr oldsin, testsa;
@@ -13898,7 +13898,7 @@ static enum parse_register_result parse_register_contact(struct sip_pvt *pvt, st
 	ast_string_field_build(pvt, our_contact, "<%s>", curi);
 	/* Make sure it's a SIP URL */
-	if (parse_uri_legacy_check(curi, "sip:,sips:", &curi, NULL, &domain, &transport)) {
+	if (ast_strlen_zero(curi) || parse_uri_legacy_check(curi, "sip:,sips:", &curi, NULL, &domain, &transport)) {
 		ast_log(LOG_NOTICE, "Not a valid SIP contact (missing sip:/sips:) trying to use anyway\n");
 	}