From 11c1afb65929111063f4d7c90a57ff8cd018decf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Blin?= <sebastien.blin@savoirfairelinux.com> Date: Wed, 15 Jan 2020 14:47:53 -0500 Subject: [PATCH] sipaccountbase: avoid use after free for publishedIpAddress_ Change-Id: I2b6b5c81798b6fb9fbd977e64705bbd2d3364d27 --- src/sip/sipaccount.cpp | 7 ++++--- src/sip/sipaccount.h | 3 +++ src/sip/sipaccountbase.cpp | 4 +--- src/sip/sipaccountbase.h | 1 + 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/src/sip/sipaccount.cpp b/src/sip/sipaccount.cpp index fd5abae4c0..2e86541c39 100644 --- a/src/sip/sipaccount.cpp +++ b/src/sip/sipaccount.cpp @@ -446,8 +446,9 @@ void SIPAccount::serialize(YAML::Emitter &out) const void SIPAccount::usePublishedAddressPortInVIA() { - via_addr_.host.ptr = (char *) publishedIpAddress_.c_str(); - via_addr_.host.slen = publishedIpAddress_.size(); + publishedIpStr_ = publishedIp_.toString(); + via_addr_.host.ptr = (char *) publishedIpStr_.c_str(); + via_addr_.host.slen = publishedIpStr_.size(); via_addr_.port = publishedPort_; } @@ -1413,7 +1414,7 @@ SIPAccount::getContactHeader(pjsip_transport* t) useUPnPAddressPortInVIA(); JAMI_DBG("Using UPnP address %s and port %d", address.c_str(), port); } else if (not publishedSameasLocal_) { - address = publishedIpAddress_; + address = publishedIp_.toString(); port = publishedPort_; JAMI_DBG("Using published address %s and port %d", address.c_str(), port); } else if (stunEnabled_) { diff --git a/src/sip/sipaccount.h b/src/sip/sipaccount.h index 6f2306ed9b..9a5b65fcf2 100644 --- a/src/sip/sipaccount.h +++ b/src/sip/sipaccount.h @@ -782,6 +782,9 @@ class SIPAccount : public SIPAccountBase { */ pjsip_host_port via_addr_; + // This is used at runtime . Mainly by SIPAccount::usePublishedAddressPortInVIA() + std::string publishedIpStr_ {}; + /** * Temporary storage for getUPnPIpAddress().toString() * Used only by useUPnPAddressPortInVIA(). diff --git a/src/sip/sipaccountbase.cpp b/src/sip/sipaccountbase.cpp index 9427b13634..b5cd863e37 100644 --- a/src/sip/sipaccountbase.cpp +++ b/src/sip/sipaccountbase.cpp @@ -268,7 +268,6 @@ SIPAccountBase::getAccountDetails() const a.emplace(Conf::CONFIG_PUBLISHED_PORT, std::to_string(publishedPort_)); a.emplace(Conf::CONFIG_PUBLISHED_SAMEAS_LOCAL, publishedSameasLocal_ ? TRUE_STR : FALSE_STR); a.emplace(Conf::CONFIG_PUBLISHED_ADDRESS, publishedIpAddress_); - a.emplace(Conf::CONFIG_STUN_ENABLE, stunEnabled_ ? TRUE_STR : FALSE_STR); a.emplace(Conf::CONFIG_STUN_SERVER, stunServer_); a.emplace(Conf::CONFIG_TURN_ENABLE, turnEnabled_ ? TRUE_STR : FALSE_STR); @@ -431,9 +430,8 @@ void SIPAccountBase::setPublishedAddress(const IpAddr& ip_addr) { publishedIp_ = ip_addr; - publishedIpAddress_ = ip_addr.toString(); JAMI_DBG("[Account %s] Using public address %s", getAccountID().c_str(), - publishedIpAddress_.c_str()); + publishedIp_.toString().c_str()); } } // namespace jami diff --git a/src/sip/sipaccountbase.h b/src/sip/sipaccountbase.h index ea9ab75f72..33efb2bb71 100644 --- a/src/sip/sipaccountbase.h +++ b/src/sip/sipaccountbase.h @@ -353,6 +353,7 @@ protected: */ IpAddr publishedIp_ {}; + // This will be stored in the configuration std::string publishedIpAddress_ {}; /** -- GitLab