From e743229d4b008c317c89c7853328740ee0635257 Mon Sep 17 00:00:00 2001 From: Donat Zenichev Date: Thu, 3 Oct 2024 09:06:49 +0200 Subject: [PATCH] MT#55283 Stop trickle updates without a room Don't proceed with the trickle updates in case the required room, hence a call hasn't been found. Fixes Coverity Scan defect: *** CID 1600057: Null pointer dereferences (NULL_RETURNS) /daemon/janus.c: 1679 in janus_trickle() 1673 // ufrag can be given in-line or separately 1674 sp->ice_ufrag = cand->ufrag; 1675 if (!sp->ice_ufrag.len && ufrag) 1676 bencode_strdup_str(&ngbuf->buffer, &sp->ice_ufrag, ufrag); 1677 1678 // finally do the update >>> CID 1600057: Null pointer dereferences (NULL_RETURNS) >>> Dereferencing a pointer that might be "NULL" "call" when calling "trickle_ice_update". 1679 trickle_ice_update(ngbuf, call, &flags, &streams); 1680 1681 return NULL; 1682 } 1683 1684 Change-Id: Ib2e293c2f99e914e3d02fe43d08160ec30892ae4 --- daemon/janus.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/daemon/janus.c b/daemon/janus.c index bde86c2b8..79909a833 100644 --- a/daemon/janus.c +++ b/daemon/janus.c @@ -1616,9 +1616,15 @@ static const char *janus_trickle(JsonReader *reader, struct janus_session *sessi call_id = janus_call_id(handle->room); struct janus_room *room = t_hash_table_lookup(janus_rooms, &handle->room); - - if (room) - call = call_get(&room->call_id); + if (!room) { + *retcode = 426; + return "No such room"; + } + call = call_get(&room->call_id); + if (!call) { + *retcode = 426; + return "No such room"; + } } // set up "streams" structures to use an trickle ICE update. these must be