aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorerikdejong <erikdejong@gmail.com>2020-01-04 22:02:11 +0100
committerGuy Harris <guy@alum.mit.edu>2020-01-05 03:14:15 +0000
commit76c577aab4354df779f236584ddb096f3e82ad24 (patch)
tree958addb15db1e2b86c161a8a3482111f02e370d4
parent8b7caf5e9d1cb2158adbd0ed490c8b75b74b03c6 (diff)
SIP: authorization validation segfault on missing fields
Fix for segfaults caused by missing username and or realm fields when validating SIP authorization. Change-Id: Ia418f2a7f036ef706fcd6e4a766ea43098a6883d Reviewed-on: https://code.wireshark.org/review/35644 Petri-Dish: Guy Harris <guy@alum.mit.edu> Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris <guy@alum.mit.edu>
-rw-r--r--epan/dissectors/packet-sip.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/epan/dissectors/packet-sip.c b/epan/dissectors/packet-sip.c
index f0d17a931a..ef941a0ec2 100644
--- a/epan/dissectors/packet-sip.c
+++ b/epan/dissectors/packet-sip.c
@@ -4337,7 +4337,8 @@ dissect_sip_common(tvbuff_t *tvb, int offset, int remaining_length, packet_info
}
comma_offset++; /* skip comma */
}
- if ((authorization_info.response != NULL) && (global_sip_validate_authorization)) { /* If there is a response, check for valid credentials */
+ if ((authorization_info.response != NULL) && (global_sip_validate_authorization) &&
+ (authorization_info.username != NULL) && (authorization_info.realm != NULL)) { /* If there is a response, check for valid credentials */
authorization_user = sip_get_authorization(&authorization_info);
if (authorization_user) {
authorization_info.method = wmem_strdup(wmem_packet_scope(), stat_info->request_method);