[asterisk-bugs] [Asterisk 0018653]: Read func CHANNEL() on sip channel without arg will crash asterisk

Asterisk Bug Tracker noreply at bugs.digium.com
Tue Mar 8 13:39:44 CST 2011 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=18653 
====================================================================== 
Reported By:                wuwu
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   18653
Category:                   Channels/chan_sip/General
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     acknowledged
Asterisk Version:           1.8.2.2 
JIRA:                       SWP-2958 
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Request Review:              
====================================================================== 
Date Submitted:             2011-01-21 01:04 CST
Last Modified:              2011-03-08 13:39 CST
====================================================================== 
Summary:                    Read func CHANNEL() on sip channel without arg will
crash asterisk
Description: 
calling the function CHANNEL() without an argument on a sip channel will
crash asterisk with a segfault.
In sip_acf_channel_read it does parse arguments - and then starts a
strcasecmp on the args.param - but args is invalid / null - because there
are no arguments.

Adding a ast_strlen_zero check at the beginning should resolv the problem
- untested code is at the additional information...
====================================================================== 

---------------------------------------------------------------------- 
 (0132752) jrose (reporter) - 2011-03-08 13:39
 https://issues.asterisk.org/view.php?id=18653#c132752 
---------------------------------------------------------------------- 
Verified the bug, applied and tested your fix.  It works and it seems like
the sensible way to do it. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2011-03-08 13:39 jrose          Note Added: 0132752                          
======================================================================

More information about the asterisk-bugs mailing list