[asterisk-bugs] [Asterisk 0018121]: Early bind of UDPTL ports can create a DoS condition
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri Mar 18 11:35:02 CDT 2011
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=18121
======================================================================
Reported By: ebroad
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 18121
Category: Channels/chan_sip/T.38
Reproducibility: always
Severity: major
Priority: normal
Status: ready for review
Asterisk Version: SVN
JIRA: SWP-2360
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): trunk
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2010-10-12 10:11 CDT
Last Modified: 2011-03-18 11:35 CDT
======================================================================
Summary: Early bind of UDPTL ports can create a DoS condition
Description:
The issue is that we bind udptl ports early on in the game, in sip_alloc(),
which can exhaust the port limit in udptl.conf quite quickly, when a flood
of invites from a (rogue) scanner with a udptl sdp payload is processed by
Asterisk. Even though the invite is ultimately challenged and/or rejected,
the port is bound, and is not released until the 32 second retry before
destroy window is up, and once all the ports are bound, service will be
denied to legitimate calls; bear in mind we don't do this with voice, video
and text ports.
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0018014 large memory consumption of udptl.c module
related to 0017255 [patch] UDP ports not freed/ports leaking
======================================================================
----------------------------------------------------------------------
(0133013) wdoekes (reporter) - 2011-03-18 11:35
https://issues.asterisk.org/view.php?id=18121#c133013
----------------------------------------------------------------------
In 1.6.17.2 all rtp allocation is done in if(..need_rtp)-block.
Either everything should be allocated on an if-needed basis, or nothing. It
makes no sense to me to only delay T38 allocation.
I'd rather see a patch that delays all allocation, or -- if that's
undesirable/impossible -- one that closes unneeded ports when the dialog is
established.
Issue History
Date Modified Username Field Change
======================================================================
2011-03-18 11:35 wdoekes Note Added: 0133013
======================================================================
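
The port exhaustion described in the report, as a small model. This is an added example, not Asterisk code and not part of the original report: it compares binding a UDPTL port when the dialog is allocated with binding only once a port is needed. The 32 second window comes from the report; POOL_SIZE, CALL_SECS, SIM_SECS and the arrival rates are constructed assumptions.

```c
#include <stdio.h>
#include <string.h>

#define POOL_SIZE   100   /* assumed size of the udptl.conf port range */
#define LINGER_SECS 32    /* retry-before-destroy window named in the report */
#define CALL_SECS   30    /* assumed length of a legitimate T.38 call */
#define SIM_SECS    120   /* simulated seconds */

enum policy { BIND_EARLY, BIND_WHEN_NEEDED };

/* Model one legitimate call per second plus `rejected_per_sec` INVITEs that
 * are challenged or rejected. Returns the number of legitimate calls that
 * found the port pool empty. */
int denied_calls(enum policy p, int rejected_per_sec)
{
    int due[SIM_SECS + LINGER_SECS + CALL_SECS]; /* ports to release at second t */
    int in_use = 0, denied = 0;

    memset(due, 0, sizeof due);
    for (int t = 0; t < SIM_SECS; t++) {
        in_use -= due[t];                 /* dialogs destroyed this second */

        /* Early bind: every dialog gets a port at allocation time and keeps
         * it until the dialog is destroyed, even though it was rejected. */
        if (p == BIND_EARLY) {
            for (int i = 0; i < rejected_per_sec && in_use < POOL_SIZE; i++) {
                in_use++;
                due[t + LINGER_SECS]++;
            }
        }

        /* The legitimate call needs a port under either policy. */
        if (in_use == POOL_SIZE) {
            denied++;
        } else {
            in_use++;
            due[t + CALL_SECS]++;
        }
    }
    return denied;
}

int main(void)
{
    printf("early bind:       %d of %d calls denied\n", denied_calls(BIND_EARLY, 10), SIM_SECS);
    printf("bind when needed: %d of %d calls denied\n", denied_calls(BIND_WHEN_NEEDED, 10), SIM_SECS);
    return 0;
}
```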