sysmocom
/
asterisk
11
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
asterisk/funcs
History
Matthew Jordan 89f9e077d7 Prevent crashes from occurring when reading from data sources with large values 
When reading configuration data from an Asterisk .conf file or when pulling
data from an Asterisk RealTime backend, Asterisk was copying the data on the
stack for manipulation. Unfortunately, it is possible to read configuration
data or realtime data from some data source that provides a large blob of
characters. This could potentially cause a crash via a stack overflow.

This patch prevents large sets of data from being read from an ARA backend or
from an Asterisk conf file.

(issue ASTERISK-20658)
Reported by: wdoekes
Tested by: wdoekes, mmichelson
patches:
 * issueA20658_dont_process_overlong_config_lines.patch uploaded by wdoekes (license 5674)
 * issueA20658_func_realtime_limit.patch uploaded by wdoekes (license 5674)
........

Merged revisions 378375 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 378376 from http://svn.asterisk.org/svn/asterisk/branches/11


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378377 65c4cc65-6c06-0410-ace0-fbb531ad65f3
 		2013-01-02 22:10:32 +00:00
..
Makefile Title update 2012-10-14 21:56:13 +00:00
func_aes.c Fix many issues from the NULL_RETURNS Coverity report 2012-05-04 22:17:38 +00:00
func_audiohookinherit.c func_audiohookinherit: Document some missed sources. 2012-09-24 21:19:49 +00:00
func_base64.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_blacklist.c Opaquify ast_channel structs and lists 2012-02-29 16:52:47 +00:00
func_callcompletion.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_callerid.c Allow for redirecting reasons to be set to arbitrary strings. 2012-09-25 19:29:14 +00:00
func_cdr.c Coverity Report: Fix issues for error type UNINIT in Core supported modules 2012-05-10 15:57:26 +00:00
func_channel.c Named call pickup groups. Fixes, missing functionality, and improvements. 2012-09-20 17:22:41 +00:00
func_config.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_curl.c Ensure that all ast_datastore_info structures are 'const'. 2012-07-18 17:18:20 +00:00
func_cut.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
func_db.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_devstate.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
func_dialgroup.c Fix a variety of memory leaks 2012-05-18 14:43:44 +00:00
func_dialplan.c Enable macros in 1.8 to find the next highest "h" extension in a context, like in 1.4. 2012-03-13 08:06:20 +00:00
func_enum.c Allow ENUM query functions to report lookup errors 2011-08-09 17:08:33 +00:00
func_env.c Fix places where a negative return from ftello could be used as invalid input 2012-04-17 20:59:25 +00:00
func_extstate.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_frame_trace.c Commit framework for HANGUPCAUSE (replacement for SIP_CAUSE) 2012-05-14 19:44:27 +00:00
func_global.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
func_groupcount.c Avoid cppcheck warnings; removing unused vars and a bit of cleanup. 2012-04-17 18:57:40 +00:00
func_hangupcause.c Make the name of the "HangupCauseClear" application consistent 2012-08-18 01:34:50 +00:00
func_iconv.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_jitterbuffer.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
func_lock.c Ensure that all ast_datastore_info structures are 'const'. 2012-07-18 17:18:20 +00:00
func_logic.c Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
func_math.c Remove annoying unconditional debug message from INC/DEC functions. 2012-09-07 22:10:33 +00:00
func_md5.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_module.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_odbc.c Fix misuses of asprintf throughout the code. 2012-08-21 21:01:11 +00:00
func_pitchshift.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_presencestate.c "He who go through turnstile sideways is going to Bangkok" 2012-09-25 14:13:08 +00:00
func_rand.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_realtime.c Prevent crashes from occurring when reading from data sources with large values 2013-01-02 22:10:32 +00:00
func_sha1.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_shell.c Improve documentation for the SHELL() dialplan function. 2012-07-23 21:10:27 +00:00
func_speex.c Doxygen Updates - janitor work 2012-09-21 17:14:59 +00:00
func_sprintf.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_srv.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_strings.c Make evaluation of channel variables consistently case-sensitive. 2012-10-29 21:27:09 +00:00
func_sysinfo.c Multiple revisions 361403,361412 2012-04-06 16:33:24 +00:00
func_timeout.c Opaquify ast_channel structs and lists 2012-02-29 16:52:47 +00:00
func_uri.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_version.c Fix documentation for ${VERSION(ASTERISK_VERSION_NUM)}. 2012-04-19 22:01:20 +00:00
func_vmcount.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
func_volume.c Minor spelling fix to the VOLUME documentation. 2012-11-30 17:08:41 +00:00