sysmocom
/
asterisk
11
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
asterisk/res
History
Jonathan Rose 9d5f6e050e res_srtp: Prevent a crash from occurring due to srtp_create failures in srtp_create 
Under some circumstances, libsrtp's srtp_create function deallocates memory that
it wasn't initially responsible for allocating. Because we weren't initially
aware of this behavior, this memory was still used in spite of being unallocated
during the course of the srtp_unprotect function. A while back I made a patch
which would set this value to NULL, but that exposed a possible condition where
we would then try to check a member of the struct which would cause a segfault.
In order to address these problems, ast_srtp_unprotect will now set an error value
when it ends without a valid SRTP session which will result in the caller of
srtp_unprotect observing this error and hanging up the relevant channel instead of
trying to keep using the invalid session address.

(closes issue ASTERISK-20499)
Reported by: Tootai
Review: https://reviewboard.asterisk.org/r/2228/diff/#index_header
........

Merged revisions 378591 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 378592 from http://svn.asterisk.org/svn/asterisk/branches/11


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378593 65c4cc65-6c06-0410-ace0-fbb531ad65f3
 		2013-01-04 23:14:54 +00:00
..
ael Clean up and ensure proper usage of alloca() 2012-07-31 20:21:43 +00:00
pjproject Fix pjproject compilation in certain circumstances 2013-01-04 22:19:16 +00:00
snmp Multiple revisions 369001-369002 2012-06-15 16:20:16 +00:00
Makefile Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_adsi.c Multiple revisions 369323-369324 2012-06-25 15:55:25 +00:00
res_ael_share.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
res_ael_share.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_agi.c Fix DBDelTree error codes for AMI, CLI and AGI 2012-10-04 15:48:24 +00:00
res_agi.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_calendar.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
res_calendar.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_calendar_caldav.c Fix a variety of memory leaks 2012-05-18 14:43:44 +00:00
res_calendar_ews.c Properly extract the Body information of an EWS calendar item 2012-10-31 14:58:44 +00:00
res_calendar_exchange.c Make generate_exchange_uuid() always return the passed ast_str pointer. 2012-12-13 21:20:32 +00:00
res_calendar_icalendar.c Fix a variety of memory leaks 2012-05-18 14:43:44 +00:00
res_clialiases.c The UUID commit removed changes made in res_clialiases.c 2012-12-13 15:37:45 +00:00
res_clioriginate.c Allow support for early media on AMI originates and call files. 2012-08-08 22:39:40 +00:00
res_config_curl.c Doxygen Updates - janitor work 2012-09-21 17:14:59 +00:00
res_config_ldap.c Doxygen Cleanups 2013-01-04 16:44:33 +00:00
res_config_odbc.c Fix coverity UNUSED_VALUE findings in core support level files 2012-06-11 15:23:30 +00:00
res_config_pgsql.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_config_sqlite.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_config_sqlite3.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_convert.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
res_corosync.c Add a "corosync ping" CLI command. 2012-07-30 00:14:18 +00:00
res_crypto.c Doxygen Updates - janitor work 2012-09-21 17:14:59 +00:00
res_crypto.exports.in Remove built-in AES code and use optional_api instead 2010-07-21 19:11:32 +00:00
res_curl.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_fax.c Ensure ReceiveFax provides a CED tone via T.38 2012-12-10 16:56:37 +00:00
res_fax.exports.in Log spandsp's fax debug output to the FAX logger level. 2010-05-21 15:15:58 +00:00
res_fax_spandsp.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
res_format_attr_celt.c Add support for parsing SDP attributes, generating SDP attributes, and passing it through. 2012-07-13 16:49:40 +00:00
res_format_attr_h263.c Reduce memory consumption and add the H.264 and H.263 modules I shamefully neglected to add. 2012-07-13 18:41:07 +00:00
res_format_attr_h264.c Fix an issue with H.264 format attribute comparison and fix an issue with improper SDP being produced. 2012-09-24 14:27:17 +00:00
res_format_attr_silk.c Add support for parsing SDP attributes, generating SDP attributes, and passing it through. 2012-07-13 16:49:40 +00:00
res_http_post.c Avoid cppcheck warnings; removing unused vars and a bit of cleanup. 2012-04-17 18:57:40 +00:00
res_http_websocket.c Added missing newlines to websocket ast_logs. 2012-11-20 22:06:05 +00:00
res_http_websocket.exports.in Fix an issue with res_http_websocket where the chan_sip WebSocket handler could not be registered. 2012-10-31 18:01:09 +00:00
res_jabber.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-02 18:11:59 +00:00
res_jabber.exports.in Fix chan_jingle/gtalk load regression introduced in r346087 2011-12-05 14:47:11 +00:00
res_limit.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_monitor.c Resolve FORWARD_NULL static analysis warnings 2012-05-10 20:56:09 +00:00
res_monitor.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_musiconhold.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
res_mutestream.c Convert MuteAudio documentation to XML. 2012-03-19 20:26:51 +00:00
res_odbc.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_odbc.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_phoneprov.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_pktccops.c Multiple revisions 350788-350789 2012-01-14 15:51:43 +00:00
res_pktccops.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_realtime.c Cleanup references to sipusers and sipfriends dynamic realtime families 2011-11-01 19:53:26 +00:00
res_rtp_asterisk.c Don't pass STUN packets through the SRTP unprotect function. 2013-01-04 21:18:07 +00:00
res_rtp_multicast.c Fix an issue where a caller to ast_write on a MulticastRTP channel would determine it failed when in reality it did not. 2012-09-25 12:12:20 +00:00
res_security_log.c Merged revisions 328247 via svnmerge from 2011-07-14 20:28:54 +00:00
res_smdi.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_smdi.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_snmp.c Doxygen Updates - Title update 2012-10-14 21:44:27 +00:00
res_speech.c Add support for retrieving engine specific settings using the speech API and from dialplan. 2012-10-01 12:29:04 +00:00
res_speech.exports.in Allow symbol export filtering to work properly on platforms that have symbol prefixes. 2010-04-02 18:57:58 +00:00
res_srtp.c res_srtp: Prevent a crash from occurring due to srtp_create failures in srtp_create 2013-01-04 23:14:54 +00:00
res_srtp.exports.in Add SRTP support for Asterisk 2010-06-08 05:29:08 +00:00
res_stun_monitor.c Add 'stun show status' command 2012-07-05 21:36:41 +00:00
res_timing_dahdi.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
res_timing_kqueue.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
res_timing_pthread.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
res_timing_timerfd.c Refactor ast_timer_ack to return an error and handle the error in timer users 2012-11-05 23:10:14 +00:00
res_xmpp.c Prevent exhaustion of system resources through exploitation of event cache 2013-01-03 15:40:21 +00:00
res_xmpp.exports.in Add a new unified Jingle, Google Jingle, and Google Talk channel driver written from scratch called chan_motif. 2012-07-07 17:06:51 +00:00