[asterisk-bugs] [JIRA] (ASTERISK-24717) ASAN: global-buffer-overflow codec_ilbc

Badalian Vyacheslav (JIRA) noreply at issues.asterisk.org
Fri Jan 23 16:09:34 CST 2015 

Badalian Vyacheslav created ASTERISK-24717:
----------------------------------------------

             Summary: ASAN: global-buffer-overflow codec_ilbc
                 Key: ASTERISK-24717
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-24717
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Codecs/codec_ilbc
    Affects Versions: 11.15.0
            Reporter: Badalian Vyacheslav


{code}
=================================================================
==22341==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f02e83058a0 at pc 0x7f03017a7832 bp 0x7fffe8cb66d0 sp 0x7fffe8cb5e90
READ of size 320 at 0x7f02e83058a0 thread T0
    #0 0x7f03017a7831 (/usr/lib64/libasan.so.1+0x2e831)
    #1 0x7f02e80e5684 in memcpy /usr/include/bits/string3.h:52
    #2 0x7f02e80e5684 in lintoilbc_framein /root/asterisk-11.15.0/codecs/codec_ilbc.c:144
    #3 0x73cca5 in framein /root/asterisk-11.15.0/main/translate.c:359
    #4 0x73cca5 in generate_computational_cost /root/asterisk-11.15.0/main/translate.c:609
    #5 0x743a6c in __ast_register_translator /root/asterisk-11.15.0/main/translate.c:1110
    #6 0x7f02e80e57c1 in load_module /root/asterisk-11.15.0/codecs/codec_ilbc.c:223
    #7 0x61c5c3 in start_resource /root/asterisk-11.15.0/main/loader.c:861
    #8 0x61e73f in start_resource /root/asterisk-11.15.0/main/loader.c:1053
    #9 0x61e73f in load_resource_list /root/asterisk-11.15.0/main/loader.c:1063
    #10 0x62142f in load_modules /root/asterisk-11.15.0/main/loader.c:1216
    #11 0x429cd3 in main /root/asterisk-11.15.0/main/asterisk.c:4337
    #12 0x7f0301200d5c in __libc_start_main (/lib64/libc.so.6+0x1ed5c)
    #13 0x42d394 (/usr/sbin/asterisk+0x42d394)

0x7f02e83058a0 is located 0 bytes to the right of global variable 'ex_slin8' from 'codec_ilbc.c' (0x7f02e8305800) of size 160
0x7f02e83058a0 is located 32 bytes to the left of global variable 'f' from 'codec_ilbc.c' (0x7f02e83058c0) of size 368
0x7f02e83058a0 is located 0 bytes to the right of global variable 'ex_slin8' from 'codec_ilbc.c' (0x7f02e8305800) of size 160
0x7f02e83058a0 is located 32 bytes to the left of global variable 'f' from 'codec_ilbc.c' (0x7f02e83058c0) of size 368
0x7f02e83058a0 is located 139650462144576 bytes insideASAN:SIGSEGV
==22341==AddressSanitizer: while reporting a bug found another one.Ignoring.

{code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list