From 88409082a4cbf27b308c76c148270ee72fdcb503 Mon Sep 17 00:00:00 2001 From: Riza Sulistyo Date: Wed, 17 Jan 2018 11:30:52 +0000 Subject: [PATCH] r5727 svn backport sip_msg: Prevent crash on header without vptr Re #2059 (misc): Prevent corrupt header from causing a crash when printed. Thanks to George Joseph for the patch. Occasionally a header with no vptr gets into the list of header. This causes a crash when printing them. We still need to figure out how the header got there but this patch at least prevents the crash by checking for a non-NULL vptr before attempting to call its print function. --- pjsip/src/pjsip/sip_msg.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/pjsip/src/pjsip/sip_msg.c b/pjsip/src/pjsip/sip_msg.c index a13f80e..8819dd9 100644 --- a/pjsip/src/pjsip/sip_msg.c +++ b/pjsip/src/pjsip/sip_msg.c @@ -26,6 +26,7 @@ #include #include #include +#include #include PJ_DEF_DATA(const pjsip_method) pjsip_invite_method = @@ -461,8 +462,13 @@ PJ_DEF(pj_ssize_t) pjsip_msg_print( const pjsip_msg *msg, /* Print each of the headers. */ for (hdr=msg->hdr.next; hdr!=&msg->hdr; hdr=hdr->next) { len = pjsip_hdr_print_on(hdr, p, end-p); - if (len < 0) - return -1; + if (len < 0) { + if (len == -2) { + PJ_LOG(5, ("sip_msg", "Header with no vptr encountered!! "\ + "Current buffer: %.*s", (int)(p-buf), buf)); + } + return len; + } if (len > 0) { p += len; @@ -578,6 +584,7 @@ PJ_DEF(void*) pjsip_hdr_shallow_clone( pj_pool_t *pool, const void *hdr_ptr ) PJ_DEF(int) pjsip_hdr_print_on( void *hdr_ptr, char *buf, pj_size_t len) { pjsip_hdr *hdr = (pjsip_hdr*) hdr_ptr; + PJ_ASSERT_RETURN(hdr->vptr, -2); return (*hdr->vptr->print_on)(hdr_ptr, buf, len); } -- 2.7.4