kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[core] fix leak in http request parser

This commit is contained in:
Mike Jerris 2020-10-06 11:26:42 -04:00 committed by Andrey Volk
parent 22ae5a1ba1
commit 8e4b418ee4
1 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/switch_utils.c
View File

@ -4176,11 +4176,12 @@ SWITCH_DECLARE(void) switch_http_parse_qs(switch_http_request_t *request, char *
char *q;
char *next;
char *name, *val;
char *dup = NULL;
if (qs) {
q = qs;
} else { /*parse our own qs, dup to avoid modify the original string */
q = strdup(request->qs);
dup = q = strdup(request->qs);
}
switch_assert(q);
@ -4207,9 +4208,7 @@ SWITCH_DECLARE(void) switch_http_parse_qs(switch_http_request_t *request, char *
q = next;
} while (q);
if (!qs) {
switch_safe_free(q);
}
switch_safe_free(dup);
}
/* clean the uri to protect us from vulnerability attack */