[asterisk-bugs] [JIRA] (ASTERISK-25717) ASAN in most installed libsrtp
Badalian Vyacheslav (JIRA)
noreply at issues.asterisk.org
Fri Jan 22 15:10:32 CST 2016
[ https://issues.asterisk.org/jira/browse/ASTERISK-25717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Badalian Vyacheslav updated ASTERISK-25717:
-------------------------------------------
Description:
For information / WIKI
{code}
Loading res_srtp.so.
=================================================================
==3371==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f99d98e5d7e at pc 0x7f99d96d1d7f bp 0x7fff3f32ae30 sp 0x7fff3f32ae20
READ of size 1 at 0x7f99d98e5d7e thread T0
#0 0x7f99d96d1d7e in v128_copy_octet_string ../../srtp/crypto/math/datatypes.c:246
#1 0x7f99d96cac97 in aes_icm_context_init ../../srtp/crypto/cipher/aes_icm.c:172
#2 0x7f99d96c0e04 in cipher_type_self_test ../../srtp/crypto/cipher/cipher.c:120
#3 0x7f99d96d48b0 in crypto_kernel_load_cipher_type ../../srtp/crypto/kernel/crypto_kernel.c:310
#4 0x7f99d96d4d60 in crypto_kernel_init ../../srtp/crypto/kernel/crypto_kernel.c:154
#5 0x7f99d96d7fa8 in srtp_init ../../srtp/srtp/srtp.c:1093
#6 0x7f99d98f009d in res_srtp_init /root/asterisk-13.7.0/res/res_srtp.c:562
#7 0x7f99d98f0143 in load_module /root/asterisk-13.7.0/res/res_srtp.c:585
#8 0x6613f5 in start_resource /root/asterisk-13.7.0/main/loader.c:1021
#9 0x662c78 in load_resource_list /root/asterisk-13.7.0/main/loader.c:1219
#10 0x663978 in load_modules /root/asterisk-13.7.0/main/loader.c:1367
#11 0x492049 in asterisk_daemon /root/asterisk-13.7.0/main/asterisk.c:4676
#12 0x491006 in main /root/asterisk-13.7.0/main/asterisk.c:4282
#13 0x7f99e0e78b14 in __libc_start_main (/lib64/libc.so.6+0x21b14)
#14 0x432778 (/usr/sbin/asterisk+0x432778)
ASAN:SIGSEGV
==3371==AddressSanitizer: while reporting a bug found another one. Ignoring.
{code}
package affected - 1.4.4-13.20101004cvs.el7 @epel
fix:
https://src.chromium.org/viewvc/chrome?view=revision&revision=157430
BugReport
https://bugzilla.redhat.com/show_bug.cgi?id=1301202
was:
For information / WIKI
{code}
Loading res_srtp.so.
=================================================================
==3371==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f99d98e5d7e at pc 0x7f99d96d1d7f bp 0x7fff3f32ae30 sp 0x7fff3f32ae20
READ of size 1 at 0x7f99d98e5d7e thread T0
#0 0x7f99d96d1d7e in v128_copy_octet_string ../../srtp/crypto/math/datatypes.c:246
#1 0x7f99d96cac97 in aes_icm_context_init ../../srtp/crypto/cipher/aes_icm.c:172
#2 0x7f99d96c0e04 in cipher_type_self_test ../../srtp/crypto/cipher/cipher.c:120
#3 0x7f99d96d48b0 in crypto_kernel_load_cipher_type ../../srtp/crypto/kernel/crypto_kernel.c:310
#4 0x7f99d96d4d60 in crypto_kernel_init ../../srtp/crypto/kernel/crypto_kernel.c:154
#5 0x7f99d96d7fa8 in srtp_init ../../srtp/srtp/srtp.c:1093
#6 0x7f99d98f009d in res_srtp_init /root/asterisk-13.7.0/res/res_srtp.c:562
#7 0x7f99d98f0143 in load_module /root/asterisk-13.7.0/res/res_srtp.c:585
#8 0x6613f5 in start_resource /root/asterisk-13.7.0/main/loader.c:1021
#9 0x662c78 in load_resource_list /root/asterisk-13.7.0/main/loader.c:1219
#10 0x663978 in load_modules /root/asterisk-13.7.0/main/loader.c:1367
#11 0x492049 in asterisk_daemon /root/asterisk-13.7.0/main/asterisk.c:4676
#12 0x491006 in main /root/asterisk-13.7.0/main/asterisk.c:4282
#13 0x7f99e0e78b14 in __libc_start_main (/lib64/libc.so.6+0x21b14)
#14 0x432778 (/usr/sbin/asterisk+0x432778)
ASAN:SIGSEGV
==3371==AddressSanitizer: while reporting a bug found another one. Ignoring.
{code}
package affected - 1.4.4-13.20101004cvs.el7 @epel
fix:
https://src.chromium.org/viewvc/chrome?view=revision&revision=157430
> ASAN in most installed libsrtp
> -------------------------------
>
> Key: ASTERISK-25717
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25717
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Affects Versions: 13.7.0
> Reporter: Badalian Vyacheslav
>
> For information / WIKI
> {code}
> Loading res_srtp.so.
> =================================================================
> ==3371==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f99d98e5d7e at pc 0x7f99d96d1d7f bp 0x7fff3f32ae30 sp 0x7fff3f32ae20
> READ of size 1 at 0x7f99d98e5d7e thread T0
> #0 0x7f99d96d1d7e in v128_copy_octet_string ../../srtp/crypto/math/datatypes.c:246
> #1 0x7f99d96cac97 in aes_icm_context_init ../../srtp/crypto/cipher/aes_icm.c:172
> #2 0x7f99d96c0e04 in cipher_type_self_test ../../srtp/crypto/cipher/cipher.c:120
> #3 0x7f99d96d48b0 in crypto_kernel_load_cipher_type ../../srtp/crypto/kernel/crypto_kernel.c:310
> #4 0x7f99d96d4d60 in crypto_kernel_init ../../srtp/crypto/kernel/crypto_kernel.c:154
> #5 0x7f99d96d7fa8 in srtp_init ../../srtp/srtp/srtp.c:1093
> #6 0x7f99d98f009d in res_srtp_init /root/asterisk-13.7.0/res/res_srtp.c:562
> #7 0x7f99d98f0143 in load_module /root/asterisk-13.7.0/res/res_srtp.c:585
> #8 0x6613f5 in start_resource /root/asterisk-13.7.0/main/loader.c:1021
> #9 0x662c78 in load_resource_list /root/asterisk-13.7.0/main/loader.c:1219
> #10 0x663978 in load_modules /root/asterisk-13.7.0/main/loader.c:1367
> #11 0x492049 in asterisk_daemon /root/asterisk-13.7.0/main/asterisk.c:4676
> #12 0x491006 in main /root/asterisk-13.7.0/main/asterisk.c:4282
> #13 0x7f99e0e78b14 in __libc_start_main (/lib64/libc.so.6+0x21b14)
> #14 0x432778 (/usr/sbin/asterisk+0x432778)
> ASAN:SIGSEGV
> ==3371==AddressSanitizer: while reporting a bug found another one. Ignoring.
> {code}
> package affected - 1.4.4-13.20101004cvs.el7 @epel
> fix:
> https://src.chromium.org/viewvc/chrome?view=revision&revision=157430
> BugReport
> https://bugzilla.redhat.com/show_bug.cgi?id=1301202
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list