[asterisk-bugs] [Asterisk 0011897]: Missed protection from incorrect dial string in parse_dial_string

noreply at bugs.digium.com noreply at bugs.digium.com
Thu Jan 31 18:24:38 CST 2008 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=11897 
====================================================================== 
Reported By:                sokhapkin
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   11897
Category:                   Channels/chan_iax2
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.16.2 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             01-31-2008 18:20 CST
Last Modified:              01-31-2008 18:24 CST
====================================================================== 
Summary:                    Missed protection from incorrect dial string in
parse_dial_string
Description: 
chan_iax2 accepts dial string like iax2/user:password@ (missed host). On a
busy host with much iax2 activity this leads to denial of service after
short period of time with errors like


[Jan 31 19:06:28] DEBUG[19315] chan_iax2.c: realtime_peer: Bah, '' is
expired (1201824378/0/1201824
378)!
[Jan 31 19:06:28] NOTICE[19315] channel.c: Unable to request channel
iax2/asd:qwe@
[Jan 31 19:06:28] DEBUG[19315] devicestate.c: Notification of state change
to be queued on device/c
hannel **Unknown**
[Jan 31 19:06:28] WARNING[12759] res_config_odbc.c: SQL Alloc Handle
failed!
[Jan 31 19:06:28] WARNING[12759] res_odbc.c: SQL Prepare failed. 
Attempting a reconnect...
[Jan 31 19:06:28] DEBUG[12724] devicestate.c: Checking if I can find
provider for "**Unknown**" - n
umber: (null)
[Jan 31 19:06:28] DEBUG[12724] devicestate.c: Changing state for
**Unknown** - state 4 (Invalid)
[Jan 31 19:06:29] NOTICE[12757] chan_iax2.c: Out of idle IAX2 threads for
I/O, pausing!
[Jan 31 19:06:29] NOTICE[12756] chan_iax2.c: Out of idle IAX2 threads for
scheduling!
[Jan 31 19:06:30] NOTICE[12757] chan_iax2.c: Out of idle IAX2 threads for
I/O, pausing!
[Jan 31 19:06:30] NOTICE[12756] chan_iax2.c: Out of idle IAX2 threads for
scheduling!
[Jan 31 19:06:30] DEBUG[23088] rtp.c: Got RTCP report of 176 bytes
[Jan 31 19:06:31] NOTICE[12757] chan_iax2.c: Out of idle IAX2 threads for
I/O, pausing!
[Jan 31 19:06:31] NOTICE[12756] chan_iax2.c: Out of idle IAX2 threads for
scheduling!

====================================================================== 

---------------------------------------------------------------------- 
 sokhapkin - 01-31-08 18:24  
---------------------------------------------------------------------- 
The simplest way to reproduce is to enter CLI command

originate iax2/asd:qwe@ extension 100 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
01-31-08 18:24  sokhapkin      Note Added: 0081554                          
======================================================================

More information about the asterisk-bugs mailing list