From: Tzafrir Cohen
Date: Thu, 2 Jun 2016 16:25:21 +0300
Subject: handle_hint_change: initialize presence_state
In pbx.c:handle_hint_change(), some fields of presence_state may have been left uninitialized. If extension_presence_state_helper() has decided not to set them, they were left uninitialized, and Asterisk crashes when trying to free them.
---
 main/pbx.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/main/pbx.c b/main/pbx.c
index 0627ab2..2f50227 100644
--- a/main/pbx.c
+++ b/main/pbx.c
@@ -6078,7 +6078,7 @@ static int handle_hint_change(void *data)
 struct ast_hint *hint = data;
 struct ast_str *hint_app;
 int state;
- struct presencechange presence_state;
+ struct presencechange presence_state = {};
 if (!(hint_app = ast_str_create(1024))) {
 return -1;
@@ -6096,8 +6096,12 @@ static int handle_hint_change(void *data)
 ast_free(hint_app);
 ao2_ref(hint, -1);
- ast_free(presence_state.subtype);
- ast_free(presence_state.message);
+ if (presence_state.subtype) {
+ ast_free(presence_state.subtype);
+ }
+ if (presence_state.message) {
+ ast_free(presence_state.message);
+ }
 return 0;
 }
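Review bot: The new declaration in the first hunk, `struct presencechange presence_state = {};`, uses an empty initializer, which is a GNU extension and not valid ISO C before C23; `struct presencechange presence_state = { 0 };` zeroes every member portably. The frees at the end of the function depend on `subtype` and `message` being NULL whenever extension_presence_state_helper() leaves them unset, so a comment on this line such as `/* helper may not set subtype/message; they must start NULL for the frees below */` would stop the initializer from later being removed as redundant. The body of handle_hint_change starts and ends outside this hunk, and the helper call itself is not visible here.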
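Review bot: The `if (presence_state.subtype)` and `if (presence_state.message)` guards in the second hunk are only meaningful because of the zero-initialisation added in the first hunk; without it they would still test indeterminate pointers, so the crash fix is the initializer and not the guards. If ast_free() accepts NULL the way free() does (its definition is not visible on this page), the guards are redundant and the original two `ast_free(...)` calls could stay as they were. If they are kept as a defensive measure, a one-line comment stating that they rely on the initializer at the top of the function would help the next reader.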