From 0acb30a7c57a244315728f227c46749477c25b18 Mon Sep 17 00:00:00 2001
From: Richard Fuchs <rfuchs@sipwise.com>
Date: Tue, 31 Jul 2018 13:12:21 -0400
Subject: [PATCH] fix possible core dump when processing certain malformed SDP

Change-Id: I3240f09033d7e587c48f8baa315953c553b99f0b
(cherry picked from commit 178391e1776052641a1b89f61601a588ee644a1d)
---
 daemon/sdp.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/daemon/sdp.c b/daemon/sdp.c
index acb43e1a6..9d1bf5ad7 100644
--- a/daemon/sdp.c
+++ b/daemon/sdp.c
@@ -1382,6 +1382,9 @@ INLINE void chopper_append_str(struct sdp_chopper *c, const str *s) {
 static int copy_up_to_ptr(struct sdp_chopper *chop, const char *b) {
 	int offset, len;
 
+	if (!b)
+		return 0;
+
 	offset = b - chop->input->s;
 	assert(offset >= 0);
 	assert(offset <= chop->input->len);
@@ -1411,6 +1414,9 @@ static void copy_remainder(struct sdp_chopper *chop) {
 static int skip_over(struct sdp_chopper *chop, str *where) {
 	int offset, len;
 
+	if (!where || !where->s)
+		return 0;
+
 	offset = (where->s - chop->input->s) + where->len;
 	assert(offset >= 0);
 	assert(offset <= chop->input->len);