|Summary:||ASTERISK-13108: Asterisk 18.104.22.168 can be crashed remotely when using realtime for IAX2 users.|
|Reporter:||Jon Leren Schøpzinsky (jonleren)||Labels:|
|Date Opened:||2008-11-22 17:53:17.000-0600||Date Closed:||2008-12-11 14:05:54.000-0600|
|Description:||Asterisk 22.214.171.124 crashes when an unknown IAX2 user tries to make a call, and the call is authenticated through realtime.|
This is due to a value list not ending with NULL in line 2877 of chan_iax2.c.
I do not know how far back this bug is present.
The only change needed to fix this bug is to change:
var = ast_load_realtime("iaxusers", "name", username, "host", ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr));
to:
var = ast_load_realtime("iaxusers", "name", username, "host", ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr), NULL);
in line 2877,
so that's why I haven't attached a patch file.
Jon Leren Schøpzinsky
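The missing-terminator failure described above, as an added C example that is not Asterisk's code: `build_query` is a hypothetical stand-in for a NULL-terminated variadic lookup, and the `sentinel` attribute (GCC/Clang) lets the compiler flag a call site that omits the final NULL. The user name and address are constructed sample values.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in (not Asterisk code) for a lookup that takes a table
 * name, then field/value string pairs, then a NULL sentinel. The GCC/Clang
 * sentinel attribute makes the compiler warn (-Wformat, part of -Wall) when
 * a call site does not end its argument list with NULL. */
__attribute__((sentinel))
static int build_query(char *out, size_t outlen, const char *table, ...)
{
    va_list ap;
    const char *field, *value;
    size_t used;
    int pairs = 0;

    if (out == NULL || outlen == 0)
        return -1;
    used = (size_t)snprintf(out, outlen, "%s", table);
    va_start(ap, table);
    /* The walk stops only at NULL. If the caller omits it, va_arg reads past
     * the real arguments, which is undefined behaviour and can crash. */
    while ((field = va_arg(ap, const char *)) != NULL) {
        value = va_arg(ap, const char *);
        if (value == NULL) {            /* field without a value */
            pairs = -1;
            break;
        }
        if (used < outlen)              /* append only while there is room */
            used += (size_t)snprintf(out + used, outlen - used, "%s%s=%s",
                                     pairs ? "&" : "?", field, value);
        pairs++;
    }
    va_end(ap);
    return used >= outlen ? -1 : pairs; /* -1: truncated or malformed list */
}

int main(void)
{
    char q[128];
    /* Constructed sample values. Dropping the trailing NULL here triggers
     * "missing sentinel in function call" at compile time. */
    int n = build_query(q, sizeof(q), "iaxusers", "name", "alice",
                        "host", "192.0.2.10", NULL);
    printf("%d pairs: %s\n", n, q);
    return 0;
}
```

Building with `-Wall -Werror` turns the missing-sentinel diagnostic into a build failure, so an unterminated call cannot ship.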
|Comments:||By: Jon Leren Schøpzinsky (jonleren) 2008-11-22 18:19:54.000-0600|
This issue is present since 1.2.26.
By: Jon Leren Schøpzinsky (jonleren) 2008-11-23 06:18:58.000-0600
I just verified that this issue does NOT affect the SIP channel.
By: Mark Michelson (mmichelson) 2008-12-11 14:05:54.000-0600
This issue is resolved with the release of Asterisk 126.96.36.199.
The security advisory that accompanied this release can be found here:
Thanks for reporting this.