Summary: ASTERISK-13108: Asterisk 1.2.30.2 can be crashed remotely when using realtime for IAX2 users.
Reporter: Jon Leren Schøpzinsky (jonleren)
Labels:
Date Opened: 2008-11-22 17:53:17.000-0600
Date Closed: 2008-12-11 14:05:54.000-0600
Priority: Critical
Regression? No
Status: Closed/Complete
Components: Channels/chan_iax2
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments:
Description:

Asterisk 1.2.30.2 crashes when an unknown IAX2 user tries to make a call, and the call is authenticated through realtime. This is due to a value list not ending with NULL in line 2877 of chan_iax2.c. I do not know how far back this bug is present.

The only change needed to fix this bug is to change:

    var = ast_load_realtime("iaxusers", "name", username, "host", ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr));

to:

    var = ast_load_realtime("iaxusers", "name", username, "host", ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr), NULL);

in line 2877, so that's why I haven't attached a patch file.

Kind Regards
Jon Leren Schøpzinsky
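
The missing-terminator bug class described in the report, as an added example that is not Asterisk code and not part of the ticket: a hypothetical variadic helper `build_filter` reads name/value pairs until it sees NULL, carries the GCC/Clang `sentinel` attribute so a call site without the trailing NULL is diagnosed at compile time, and is paired with a hypothetical `BUILD_FILTER` macro that appends the terminator itself. All names and sample values are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not Asterisk code): joins name/value pairs into out.
 * The argument list must end with NULL. The sentinel attribute (assumes GCC
 * or Clang) makes the compiler diagnose a call site that omits it. */
__attribute__((sentinel))
int build_filter(char *out, size_t outlen, ...)
{
    va_list ap;
    const char *name, *value;
    size_t used = 0;
    int pairs = 0;
    if (outlen == 0)
        return -1;
    out[0] = '\0';
    va_start(ap, outlen);
    /* The NULL name is the only stop condition this loop has. */
    while ((name = va_arg(ap, const char *)) != NULL) {
        value = va_arg(ap, const char *);
        if (value == NULL) {            /* name without a value: reject */
            pairs = -1;
            break;
        }
        int n = snprintf(out + used, outlen - used, "%s%s=%s",
                         pairs ? "," : "", name, value);
        if (n < 0 || (size_t)n >= outlen - used) {   /* would truncate */
            pairs = -1;
            break;
        }
        used += (size_t)n;
        pairs++;
    }
    va_end(ap);
    return pairs;
}

/* Wrapper that appends the terminator so call sites cannot forget it. */
#define BUILD_FILTER(out, outlen, ...) \
    build_filter((out), (outlen), __VA_ARGS__, (const char *)NULL)

int main(void)
{
    char buf[64];   /* sample values below are constructed */
    int n = BUILD_FILTER(buf, sizeof(buf), "name", "alice", "host", "192.0.2.10");
    printf("%d pairs: %s\n", n, buf);
    return n == 2 ? 0 : 1;
}
```
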
Comments:

By: Jon Leren Schøpzinsky (jonleren) 2008-11-22 18:19:54.000-0600
This issue is present since 1.2.26.

By: Jon Leren Schøpzinsky (jonleren) 2008-11-23 06:18:58.000-0600
I just verified that this issue does NOT affect the SIP channel.

By: Mark Michelson (mmichelson) 2008-12-11 14:05:54.000-0600
This issue is resolved with the release of Asterisk 1.2.30.4. The security advisory that accompanied this release can be found here: http://downloads.digium.com/pub/security/AST-2008-012.html

Thanks for reporting this.