| Summary: | ASTERISK-04298: bogus bound checks and useless code in chan_sip.c | ||
| Reporter: | Luigi Rizzo (rizzo) | Labels: | |
| Date Opened: | 2005-05-29 14:29:44 | Date Closed: | 2008-01-15 15:38:12.000-0600 |
| Priority: | Minor | Regression? | No |
| Status: | Closed/Complete | Components: | Resources/res_adsi |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) 4406HeadCommitt.txt ( 1) sip-20050601-2350-stable.diff | |
| Description: | various places in chan_sip.c that check for bounds in req->header[] and req->line arrays are wrong or useless. In detail: add_header() checks if (req->headers == SIP_MAX_HEADERS) ... after the index has been used (i.e. already out of bound). add_blank_header() as above add_line() as above (with req->line and SIP_MAX_LINES) init_resp() checks if (req->headers < SIP_MAX_HEADERS) when req->headers can only be 0 (so the check is useless) init_req() same as above ****** ADDITIONAL INFORMATION ****** the fix is trivial - move the checks before actually using the index field, and remove the useless checks in init_resp() and init_req(). | ||
| Comments: | By: Mark Spencer (markster) 2005-05-30 09:20:12 Fixed in CVS head, definitely not major since it would never be tripped in normal operation and cannot be triggered by external input. By: Olle Johansson (oej) 2005-05-31 00:53:10 chan_sip is not [Core ASterisk] ADSI ... By: Jason Parker (jparker) 2005-06-02 01:55:31 Added patch for v1-0 Disclaimer on file under A.K.A. North Antara. By: Russell Bryant (russell) 2005-06-02 09:33:39 Since I've already started the release candidate cycle, I think I'm going to wait until after 1.0.8 to merge this one since it is not major. Thank you! By: Russell Bryant (russell) 2005-06-14 16:31:24 fixed in 1.0 By: Digium Subversion (svnbot) 2008-01-15 15:36:19.000-0600 Repository: asterisk Revision: 5784 U trunk/channels/chan_sip.c ------------------------------------------------------------------------ r5784 | markster | 2008-01-15 15:36:19 -0600 (Tue, 15 Jan 2008) | 2 lines Fix the ordering fo some checks (bug ASTERISK-4298) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=5784 By: Digium Subversion (svnbot) 2008-01-15 15:38:12.000-0600 Repository: asterisk Revision: 5911 U branches/v1-0/channels/chan_sip.c ------------------------------------------------------------------------ r5911 | russell | 2008-01-15 15:38:11 -0600 (Tue, 15 Jan 2008) | 2 lines fix bounds checking (bug ASTERISK-4298) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=5911 | ||