diff options
author | Steve Davies <steve@one47.co.uk> | 2015-04-28 11:38:30 +0100 |
---|---|---|
committer | Joshua Colp <jcolp@digium.com> | 2015-04-28 06:57:39 -0500 |
commit | 0b6410c4f880d8f715621de2c95b07ea3489d853 (patch) | |
tree | c04e6dee60e4d7682e698c8c9468834f79e62a2d /res/res_rtp_asterisk.c | |
parent | 427209603d77a3e26925cda5725294fe5a7026b0 (diff) |
res_rtp_asterisk: Resolve 2 discrete memory leaks in DTLS
ao2 ref leak in res_rtp_asterisk.c when a DTLS policy is created.
The resources are linked into a table, but the original alloc refs
are never released. ast_strdup leak in rtp_engine.c. If
ast_rtp_dtls_cfg_copy() is called twice on the same destination struct,
a pointer to an alloc'd string is overwritten before the string is free'd.
ASTERISK-25022
Reported by: one47
Change-Id: I62a8ceb8679709f6c3769136dc6aa9a68202ff9b
Diffstat (limited to 'res/res_rtp_asterisk.c')
-rw-r--r-- | res/res_rtp_asterisk.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c index 8300ef412..6df8a6e17 100644 --- a/res/res_rtp_asterisk.c +++ b/res/res_rtp_asterisk.c @@ -1869,6 +1869,7 @@ static int dtls_srtp_setup(struct ast_rtp *rtp, struct ast_srtp *srtp, struct as unsigned char *local_key, *local_salt, *remote_key, *remote_salt; struct ast_srtp_policy *local_policy, *remote_policy = NULL; struct ast_rtp_instance_stats stats = { 0, }; + int res = -1; /* If a fingerprint is present in the SDP make sure that the peer certificate matches it */ if (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_FINGERPRINT) { @@ -1983,16 +1984,17 @@ static int dtls_srtp_setup(struct ast_rtp *rtp, struct ast_srtp *srtp, struct as } } - return 0; + res = 0; error: + /* policy->destroy() called even on success to release local reference to these resources */ res_srtp_policy->destroy(local_policy); if (remote_policy) { res_srtp_policy->destroy(remote_policy); } - return -1; + return res; } #endif |