| Summary: | ASTERISK-17905: [patch] Crash in netsock when attempting to resolve blank sip uri | ||
| Reporter: | Mark Murawski (kobaz) | Labels: | |
| Date Opened: | 2011-05-22 23:43:37 | Date Closed: | 2011-05-26 16:50:10 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Core/Netsock |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) netsock2.patch | |
| Description: | Through some routine testing I came across [2011-05-23 00:35:06] WARNING[29007]: chan_sip.c:13295 Invalid contact uri (missing sip: or sips:), attempting to use anyway Segmentation Fault The problem is in ast_sockaddr_resolve() in netsock2.c s = ast_strdupa(str); This may deference a null pointer if the results from parse_uri_legacy_check() in chan_sip are a null domain. | ||
| Comments: | By: Mark Murawski (kobaz) 2011-05-22 23:43:49 Affects trunk as well. By: Mark Murawski (kobaz) 2011-05-23 12:15:36 Also related to this bug, parse_uri_legacy_check() leaves user,pass,domain,transport possibility uninitialized if the parse fails By: Bradley Watkins (marquis) 2011-05-26 14:56:18 This looks like the right fix. I say ship it! By: Digium Subversion (svnbot) 2011-05-26 15:09:36 Repository: asterisk Revision: 321100 U branches/1.8/channels/chan_sip.c U branches/1.8/main/netsock2.c ------------------------------------------------------------------------ r321100 | markm | 2011-05-26 15:09:36 -0500 (Thu, 26 May 2011) | 11 lines ast_sockaddr_resolve() in netsock2.c may deref a null pointer Added a null check in netsock2 ast_sockaddr_resolve() as well as added default initalizers in chan_sip parse_uri_legacy_check() to make sure that invalid uris will make null (and not undefined) user,pass,domain,transport variables (closes issue ASTERISK-17905) Reported by: kobaz Patches: netsock2.patch uploaded by kobaz (license 834) Tested by: kobaz, Marquis ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=321100 By: Digium Subversion (svnbot) 2011-05-26 15:16:29 Repository: asterisk Revision: 321101 _U trunk/ U trunk/channels/chan_sip.c U trunk/main/netsock2.c ------------------------------------------------------------------------ r321101 | markm | 2011-05-26 15:16:29 -0500 (Thu, 26 May 2011) | 17 lines Merged revisions 321100 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ........ r321100 | markm | 2011-05-26 16:09:35 -0400 (Thu, 26 May 2011) | 11 lines ast_sockaddr_resolve() in netsock2.c may deref a null pointer Added a null check in netsock2 ast_sockaddr_resolve() as well as added default initalizers in chan_sip parse_uri_legacy_check() to make sure that invalid uris will make null (and not undefined) user,pass,domain,transport variables (closes issue ASTERISK-17905) Reported by: kobaz Patches: netsock2.patch uploaded by kobaz (license 834) Tested by: kobaz, Marquis ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=321101 By: Terry Wilson (twilson) 2011-05-26 16:25:32 Not quite correct as it breaks compiling under dev mode. Always compile after ./configure --enable-dev-mode before committing! By: Mark Murawski (kobaz) 2011-05-26 16:27:05 Yes, I was shown the bamboo error. By the way, bamboo did not email me the breakage. I'll have it fixed shortly. By: Digium Subversion (svnbot) 2011-05-26 16:48:47 Repository: asterisk Revision: 321155 U branches/1.8/channels/chan_sip.c U branches/1.8/channels/sip/reqresp_parser.c ------------------------------------------------------------------------ r321155 | markm | 2011-05-26 16:48:46 -0500 (Thu, 26 May 2011) | 10 lines Fixed build problem with dev mode enabled, which was caused by commit 321100. Reformulated patch to be more generic. Moved the sip uri parse variable initalization to parse_uri_full in reqresp_parser.c. This will ensure that any use of parse uri will have null output variables if the parse fails. (closes issue ASTERISK-17905) Reported by: kobaz Tested by: kobaz,JonathanRose Review: [full review board URL with trailing slash] ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=321155 By: Digium Subversion (svnbot) 2011-05-26 16:50:09 Repository: asterisk Revision: 321156 _U trunk/ U trunk/channels/chan_sip.c U trunk/channels/sip/reqresp_parser.c ------------------------------------------------------------------------ r321156 | markm | 2011-05-26 16:50:08 -0500 (Thu, 26 May 2011) | 17 lines Merged revisions 321155 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ........ r321155 | markm | 2011-05-26 17:48:45 -0400 (Thu, 26 May 2011) | 10 lines Fixed build problem with dev mode enabled, which was caused by commit 321100. Reformulated patch to be more generic. Moved the sip uri parse variable initalization to parse_uri_full in reqresp_parser.c. This will ensure that any use of parse uri will have null output variables if the parse fails. (closes issue ASTERISK-17905) Reported by: kobaz Tested by: kobaz,JonathanRose Review: [full review board URL with trailing slash] ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=321156 | ||