sysmocom
/
asterisk
11
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
asterisk/apps
History
Matthew Jordan 8fb5bdce9a Prevent exhaustion of system resources through exploitation of event cache 
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.

This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.

(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
  event-cachability-3.diff uploaded by jcolp (license 5000)
........

Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 378320 from http://svn.asterisk.org/svn/asterisk/branches/10
........

Merged revisions 378321 from http://svn.asterisk.org/svn/asterisk/branches/11


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378322 65c4cc65-6c06-0410-ace0-fbb531ad65f3
 		2013-01-02 18:11:59 +00:00
..
confbridge Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
Makefile Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_adsiprog.c Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_alarmreceiver.c Fix XML Document Validation Failure 2012-10-18 20:31:05 +00:00
app_amd.c Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_authenticate.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_cdr.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_celgenuserevent.c Remove unnecessary channel module references. 2012-11-27 20:39:51 +00:00
app_chanisavail.c app_chanisavail: Fix use of uninitialized variable. 2012-03-14 23:29:32 +00:00
app_channelredirect.c Finalize ast_channel opaquification 2012-03-13 18:20:34 +00:00
app_chanspy.c Fix Not Unreferencing A Spied Channel 2012-08-08 22:45:15 +00:00
app_confbridge.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
app_controlplayback.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
app_dahdibarge.c Opaquify ast_channel typedefs, fd arrays, and softhangup flag 2012-03-01 22:09:18 +00:00
app_dahdiras.c Opaquify ast_channel typedefs, fd arrays, and softhangup flag 2012-03-01 22:09:18 +00:00
app_db.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
app_dial.c Multiple revisions 375993-375994 2012-11-07 19:15:26 +00:00
app_dictate.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
app_directed_pickup.c Named call pickup groups. Fixes, missing functionality, and improvements. 2012-09-20 17:22:41 +00:00
app_directory.c Fix coverity UNUSED_VALUE findings in core support level files 2012-06-11 15:23:30 +00:00
app_disa.c Coverity Report: Fix issues for error type UNINIT in Core supported modules 2012-05-10 15:57:26 +00:00
app_dumpchan.c Finalize ast_channel opaquification 2012-03-13 18:20:34 +00:00
app_echo.c Prevent Echo() from relaying control, null, and modem frames 2012-03-20 20:42:34 +00:00
app_exec.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
app_externalivr.c Remove declaration of eivr_connect_socket because it no longer exists. 2012-06-20 11:47:12 +00:00
app_fax.c Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_festival.c Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_flash.c Opaquify ast_channel typedefs, fd arrays, and softhangup flag 2012-03-01 22:09:18 +00:00
app_followme.c Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_forkcdr.c Make ForkCDR e option not set end time of the newly forked CDR log 2012-04-13 16:12:17 +00:00
app_getcpeid.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
app_ices.c Doxygen Updates - janitor work 2012-09-21 17:14:59 +00:00
app_image.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
app_ivrdemo.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_jack.c Multiple revisions 375993-375994 2012-11-07 19:15:26 +00:00
app_macro.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
app_meetme.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
app_milliwatt.c Replace GNU old-style field designator extensions to fix clang warnings 2012-04-04 18:08:28 +00:00
app_minivm.c Doxygen Updates Janitor Work 2012-09-22 20:43:30 +00:00
app_mixmonitor.c mixmonitor: Add a test event 2012-10-30 19:20:33 +00:00
app_morsecode.c Merged revisions 336717 via svnmerge from 2011-09-19 20:23:29 +00:00
app_mp3.c Opaquification for ast_format structs in struct ast_channel 2012-02-24 00:32:20 +00:00
app_nbscat.c Opaquification for ast_format structs in struct ast_channel 2012-02-24 00:32:20 +00:00
app_originate.c Allow support for early media on AMI originates and call files. 2012-08-08 22:39:40 +00:00
app_osplookup.c Make evaluation of channel variables consistently case-sensitive. 2012-10-29 21:27:09 +00:00
app_page.c Fix a variety of memory leaks 2012-05-18 14:43:44 +00:00
app_parkandannounce.c Finalize ast_channel opaquification 2012-03-13 18:20:34 +00:00
app_playback.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_playtones.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_privacy.c Opaquify ast_channel structs and lists 2012-02-29 16:52:47 +00:00
app_queue.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
app_read.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_readexten.c Opaquify ast_channel structs and lists 2012-02-29 16:52:47 +00:00
app_readfile.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
app_record.c Multiple revisions 375993-375994 2012-11-07 19:15:26 +00:00
app_saycounted.c Merged revisions 336717 via svnmerge from 2011-09-19 20:23:29 +00:00
app_sayunixtime.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_senddtmf.c Add pause one second W dial modifier. 2012-09-28 18:27:02 +00:00
app_sendtext.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_setcallerid.c Opaquify ast_channel structs and lists 2012-02-29 16:52:47 +00:00
app_skel.c Doxygen Updates - Title update 2012-10-14 21:45:16 +00:00
app_sms.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
app_softhangup.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_speech_utils.c Add support for retrieving engine specific settings using the speech API and from dialplan. 2012-10-01 12:29:04 +00:00
app_stack.c Fix misuses of asprintf throughout the code. 2012-08-21 21:01:11 +00:00
app_system.c Multiple revisions 369001-369002 2012-06-15 16:20:16 +00:00
app_talkdetect.c Finalize ast_channel opaquification 2012-03-13 18:20:34 +00:00
app_test.c Opaquification for ast_format structs in struct ast_channel 2012-02-24 00:32:20 +00:00
app_transfer.c Fix the display of documentation for Transfer 2012-04-03 20:14:01 +00:00
app_url.c Merged revisions 339777 via svnmerge from 2011-10-07 19:37:33 +00:00
app_userevent.c Add AMI event documentation 2012-06-25 17:59:34 +00:00
app_verbose.c ast_channel opaquification of pointers and integral types 2012-02-20 23:43:27 +00:00
app_voicemail.c Patch to play correct sound file when a voicemail's urgent status is removed 2012-11-15 02:29:40 +00:00
app_voicemail.exports.in Remove some symbol exports that got missed in the removal of global symbols. 2012-06-15 15:33:41 +00:00
app_waitforring.c Multiple revisions 375993-375994 2012-11-07 19:15:26 +00:00
app_waitforsilence.c Opaquification for ast_format structs in struct ast_channel 2012-02-24 00:32:20 +00:00
app_waituntil.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
app_while.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
app_zapateller.c Opaquify ast_channel structs and lists 2012-02-29 16:52:47 +00:00
enter.h remove extraneous svn:executable properties 2005-11-29 18:24:39 +00:00
leave.h remove extraneous svn:executable properties 2005-11-29 18:24:39 +00:00