From 31ea915c22313a2a2006886b31f0fc2078daa0ee Mon Sep 17 00:00:00 2001 From: Liong Sauw Ming Date: Wed, 30 Dec 2015 03:44:12 +0000 Subject: Re #1882 (misc): Fixed potential out-of-bound array access in ice_session. Thanks to Dusan Klinec for the patch. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5221 74dad513-b988-da41-8d7b-12977e46ad98 --- pjnath/src/pjnath/ice_session.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pjnath/src/pjnath/ice_session.c b/pjnath/src/pjnath/ice_session.c index 1d1a1824..135bd5da 100644 --- a/pjnath/src/pjnath/ice_session.c +++ b/pjnath/src/pjnath/ice_session.c @@ -1661,13 +1661,15 @@ PJ_DEF(pj_status_t) pj_ice_sess_create_check_list( pj_ice_sess_cand *lcand = &ice->lcand[i]; pj_ice_sess_cand *rcand = &ice->rcand[j]; - pj_ice_sess_check *chk = &clist->checks[clist->count]; + pj_ice_sess_check *chk = NULL; if (clist->count >= PJ_ICE_MAX_CHECKS) { pj_grp_lock_release(ice->grp_lock); return PJ_ETOOMANY; } + chk = &clist->checks[clist->count]; + /* A local candidate is paired with a remote candidate if * and only if the two candidates have the same component ID * and have the same IP address version. -- cgit v1.2.3