Add NULL checks for the parse_dlg_rr_param(). Segfault when 'did' parameter was empty in the Route header (e.g. 'did=').
@@ -970,7 +970,29 @@ static inline int parse_dlg_rr_param(char *p, char *end, int *h_entry, int *h_id
{
char *s;
+ /* sanity checks */
+ if (!p) {
+ LM_ERR("NULL start of parameter string");
+ return -1;
+ }
+
+ if (!end) {
+ LM_ERR("NULL end of parameter string");
+ if (!h_entry) {
+ LM_ERR("NULL h_entry");
+ if (!h_id) {
+ LM_ERR("NULL h_id");
for ( s=p ; p<end && *p!=DLG_SEPARATOR ; p++ );
if (*p!=DLG_SEPARATOR) {
LM_ERR("malformed rr param '%.*s'\n", (int)(long)(end-s), s);
return -1;
Stefan Mititelu