Summary: | ASTERISK-25893: Function vmauthenticate accesses uninitialized memory | ||
Reporter: | Filip Jenicek (phill) | Labels: | |
Date Opened: | 2016-04-06 06:05:25 | Date Closed: | 2017-03-23 15:56:34 |
Priority: | Major | Regression? | No |
Status: | Closed/Complete | Components: | Applications/app_voicemail |
Versions: | 13.7.2 | Frequency of Occurrence | |
Related Issues: | |||
Environment: | Attachments: | ||
Description: | The problem is in function vmauthenticate, on lines
{code} if (!vm_authenticate(chan, mailbox, sizeof(mailbox), &vmus, context, NULL, skipuser, 3, silent)) { pbx_builtin_setvar_helper(chan, "AUTH_MAILBOX", mailbox); pbx_builtin_setvar_helper(chan, "AUTH_CONTEXT", vmus.context); {code} If skipuser>0, then vm_authenticate does not fill the vmus variable, because of the condition: {code} if (vmu && !skipuser) { memcpy(res_vmu, vmu, sizeof(struct ast_vm_user)); } {code} The result is that AUTH_CONTEXT is set with an uninitialized memory, following errors are logged: {code} [06/Apr/2016 04:51:12] asterisk[32621] [C-00000000]json.c:704 in ast_json_vpack: Error building JSON from '{s: s, s: s}': Invalid UTF-8 string. [06/Apr/2016 04:51:12] asterisk[32621] [C-00000000]stasis_channels.c:774 in ast_channel_publish_varset: Error creating message name=AUTH_CONTEXT value=ެ�� {code} | ||
Comments: | By: Asterisk Team (asteriskteam) 2016-04-06 06:05:26.502-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Rusty Newton (rnewton) 2016-04-06 15:30:32.897-0500 Thanks for the report. Do you want to provide a patch on Gerrit[1] to help get a fix in faster? [1]: https://wiki.asterisk.org/wiki/display/AST/Gerrit+Usage By: Asterisk Team (asteriskteam) 2016-04-21 12:00:01.047-0500 Suspended due to lack of activity. This issue will be automatically re-opened if the reporter posts a comment. If you are not the reporter and would like this re-opened please create a new issue instead. If the new issue is related to this one a link will be created during the triage process. Further information on issue tracker usage can be found in the Asterisk Issue Guidlines [1]. [1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines By: Friendly Automation (friendly-automation) 2017-02-20 18:15:40.473-0600 Change 5019 merged by zuul: app_voicemail: vm_authenticate accesses uninitialized memory [https://gerrit.asterisk.org/5019|https://gerrit.asterisk.org/5019] By: Friendly Automation (friendly-automation) 2017-02-20 18:20:23.588-0600 Change 5020 merged by zuul: app_voicemail: vm_authenticate accesses uninitialized memory [https://gerrit.asterisk.org/5020|https://gerrit.asterisk.org/5020] By: Friendly Automation (friendly-automation) 2017-02-20 18:30:25.959-0600 Change 5021 merged by zuul: app_voicemail: vm_authenticate accesses uninitialized memory [https://gerrit.asterisk.org/5021|https://gerrit.asterisk.org/5021] |