From 11c1afb65929111063f4d7c90a57ff8cd018decf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Blin?=
 <sebastien.blin@savoirfairelinux.com>
Date: Wed, 15 Jan 2020 14:47:53 -0500
Subject: [PATCH] sipaccountbase: avoid use after free for publishedIpAddress_

Change-Id: I2b6b5c81798b6fb9fbd977e64705bbd2d3364d27
---
 src/sip/sipaccount.cpp     | 7 ++++---
 src/sip/sipaccount.h       | 3 +++
 src/sip/sipaccountbase.cpp | 4 +---
 src/sip/sipaccountbase.h   | 1 +
 4 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/src/sip/sipaccount.cpp b/src/sip/sipaccount.cpp
index fd5abae4c0..2e86541c39 100644
--- a/src/sip/sipaccount.cpp
+++ b/src/sip/sipaccount.cpp
@@ -446,8 +446,9 @@ void SIPAccount::serialize(YAML::Emitter &out) const
 
 void SIPAccount::usePublishedAddressPortInVIA()
 {
-    via_addr_.host.ptr = (char *) publishedIpAddress_.c_str();
-    via_addr_.host.slen = publishedIpAddress_.size();
+    publishedIpStr_ = publishedIp_.toString();
+    via_addr_.host.ptr = (char *) publishedIpStr_.c_str();
+    via_addr_.host.slen = publishedIpStr_.size();
     via_addr_.port = publishedPort_;
 }
 
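Review bot: The first added line of usePublishedAddressPortInVIA() reassigns publishedIpStr_ while via_addr_.host.ptr still points at the buffer left by the previous call, so the pointer dangles until the next line rewrites it. That is harmless if via_addr_ is only read on the thread that calls this function, which the hunk does not show; if another thread can read it, the use-after-free this commit targets remains with a narrower window. Leaving the buffer untouched when the address has not changed narrows it further: `auto ip = publishedIp_.toString();` followed by `if (ip != publishedIpStr_) publishedIpStr_ = std::move(ip);`. If a lock already guards via_addr_, it should be held across all three assignments.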
@@ -1413,7 +1414,7 @@ SIPAccount::getContactHeader(pjsip_transport* t)
         useUPnPAddressPortInVIA();
         JAMI_DBG("Using UPnP address %s and port %d", address.c_str(), port);
     } else if (not publishedSameasLocal_) {
-        address = publishedIpAddress_;
+        address = publishedIp_.toString();
         port = publishedPort_;
         JAMI_DBG("Using published address %s and port %d", address.c_str(), port);
     } else if (stunEnabled_) {
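Review bot: `address = publishedIp_.toString();` in the `not publishedSameasLocal_` branch now depends on setPublishedAddress() having run, where the removed line used the configured publishedIpAddress_ string. publishedIp_ is default-initialised (`IpAddr publishedIp_ {};` in sipaccountbase.h), so if this branch is reached first the Contact header presumably carries whatever toString() yields for an unset address; the same applies to the Via host set in usePublishedAddressPortInVIA(). Guarding the branch, for example `} else if (not publishedSameasLocal_ and publishedIp_) {` (assuming IpAddr's boolean conversion reports a set address), would fall through to the remaining cases instead. getContactHeader() begins and ends outside this hunk, so an earlier check may already cover this.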
diff --git a/src/sip/sipaccount.h b/src/sip/sipaccount.h
index 6f2306ed9b..9a5b65fcf2 100644
--- a/src/sip/sipaccount.h
+++ b/src/sip/sipaccount.h
@@ -782,6 +782,9 @@ class SIPAccount : public SIPAccountBase {
          */
         pjsip_host_port via_addr_;
 
+        // This is used at runtime . Mainly by SIPAccount::usePublishedAddressPortInVIA()
+        std::string publishedIpStr_ {};
+
         /**
          * Temporary storage for getUPnPIpAddress().toString()
          * Used only by useUPnPAddressPortInVIA().
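Review bot: The new comment on publishedIpStr_ does not state the invariant that makes the member necessary, and "Mainly by" suggests other code may write to it. via_addr_.host.ptr points into this string's buffer, so any other assignment would bring back the dangling pointer this commit removes. Matching the doc block used for the UPnP storage just below, I would write `/** Backing storage for via_addr_.host; via_addr_.host.ptr points into this buffer. Assigned only by usePublishedAddressPortInVIA(). */`. The class body continues outside this hunk.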
diff --git a/src/sip/sipaccountbase.cpp b/src/sip/sipaccountbase.cpp
index 9427b13634..b5cd863e37 100644
--- a/src/sip/sipaccountbase.cpp
+++ b/src/sip/sipaccountbase.cpp
@@ -268,7 +268,6 @@ SIPAccountBase::getAccountDetails() const
     a.emplace(Conf::CONFIG_PUBLISHED_PORT,          std::to_string(publishedPort_));
     a.emplace(Conf::CONFIG_PUBLISHED_SAMEAS_LOCAL,  publishedSameasLocal_ ? TRUE_STR : FALSE_STR);
     a.emplace(Conf::CONFIG_PUBLISHED_ADDRESS,       publishedIpAddress_);
-
     a.emplace(Conf::CONFIG_STUN_ENABLE, stunEnabled_ ? TRUE_STR : FALSE_STR);
     a.emplace(Conf::CONFIG_STUN_SERVER, stunServer_);
     a.emplace(Conf::CONFIG_TURN_ENABLE, turnEnabled_ ? TRUE_STR : FALSE_STR);
@@ -431,9 +430,8 @@ void
 SIPAccountBase::setPublishedAddress(const IpAddr& ip_addr)
 {
     publishedIp_ = ip_addr;
-    publishedIpAddress_ = ip_addr.toString();
     JAMI_DBG("[Account %s] Using public address %s", getAccountID().c_str(),
-             publishedIpAddress_.c_str());
+             publishedIp_.toString().c_str());
 }
 
 } // namespace jami
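Review bot: setPublishedAddress() now updates only publishedIp_, while getAccountDetails() in the previous hunk still reports publishedIpAddress_ under `Conf::CONFIG_PUBLISHED_ADDRESS`, so the two values can differ after this call and nothing in the function says that is intended. A comment above the assignment would record it, for example `// Runtime address only: publishedIpAddress_ keeps the configured value and is not updated here.` In addition, via_addr_.host in SIPAccount is refreshed only by usePublishedAddressPortInVIA(), so it presumably keeps the previous address until that function runs again; worth confirming the callers re-run it after a change.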
diff --git a/src/sip/sipaccountbase.h b/src/sip/sipaccountbase.h
index ea9ab75f72..33efb2bb71 100644
--- a/src/sip/sipaccountbase.h
+++ b/src/sip/sipaccountbase.h
@@ -353,6 +353,7 @@ protected:
      */
     IpAddr publishedIp_ {};
 
+    // This will be stored in the configuration
     std::string publishedIpAddress_ {};
 
     /**
-- 
GitLab