[asterisk-bugs] [JIRA] (ASTERISK-25304) res_pjsip: XML sanitization may write past buffer
Kevin Harwell (JIRA)
noreply at issues.asterisk.org
Tue Sep 29 16:42:39 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-25304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Harwell updated ASTERISK-25304:
-------------------------------------
Target Release Version/s: 13.6.0
> res_pjsip: XML sanitization may write past buffer
> -------------------------------------------------
>
> Key: ASTERISK-25304
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25304
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_pjsip
> Affects Versions: 13.4.0
> Reporter: Joshua Colp
> Assignee: Joshua Colp
> Target Release: 13.6.0
>
>
> The ast_sip_sanitize_xml function currently uses the strncat function incorrectly. The length provided to it may cause it to write past the provided output buffer into other memory. This can cause a crash. The crash may result from the writing or because the PJSIP library expects the value to be NULL terminated when it is not.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list