[asterisk-bugs] [JIRA] (ASTERISK-25722) ASAN & testsute: stack-buffer-overflow in sip_sipredirect
Badalian Vyacheslav (JIRA)
noreply at issues.asterisk.org
Sat Jan 23 02:45:33 CST 2016
Badalian Vyacheslav created ASTERISK-25722:
----------------------------------------------
Summary: ASAN & testsute: stack-buffer-overflow in sip_sipredirect
Key: ASTERISK-25722
URL: https://issues.asterisk.org/jira/browse/ASTERISK-25722
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Channels/chan_sip/Security Framework
Affects Versions: 13.7.0
Reporter: Badalian Vyacheslav
Severity: Critical
Looks like security issue...
{code}
==16756==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ff203abbe60 at pc 0x7ff237cfa208 bp 0x7ff203abb9c0 sp 0x7ff203abb148
WRITE of size 257 at 0x7ff203abbe60 thread T72
#0 0x7ff237cfa207 (/lib64/libasan.so.2+0x52207)
#1 0x7ff237cfaf5a in __interceptor_vsscanf (/lib64/libasan.so.2+0x52f5a)
#2 0x7ff237cfb0b9 in __interceptor_sscanf (/lib64/libasan.so.2+0x530b9)
#3 0x7ff2275b48d8 in sip_sipredirect /root/asterisk-13.7.0/channels/chan_sip.c:32957
#4 0x7ff2274aedc7 in sip_transfer /root/asterisk-13.7.0/channels/chan_sip.c:7449
#5 0x5685c8 in ast_transfer /root/asterisk-13.7.0/main/channel.c:6182
#6 0x7ff2239fa857 in transfer_exec /root/asterisk-13.7.0/apps/app_transfer.c:121
#7 0x6d083c in pbx_exec /root/asterisk-13.7.0/main/pbx.c:1722
#8 0x6e7007 in pbx_extension_helper /root/asterisk-13.7.0/main/pbx.c:4994
#9 0x6ed147 in ast_spawn_extension /root/asterisk-13.7.0/main/pbx.c:6216
#10 0x6ef92c in __ast_pbx_run /root/asterisk-13.7.0/main/pbx.c:6633
#11 0x6f2050 in pbx_thread /root/asterisk-13.7.0/main/pbx.c:6953
#12 0x7eff7c in dummy_start /root/asterisk-13.7.0/main/utils.c:1237
#13 0x7ff2361badc4 in start_thread (/lib64/libpthread.so.0+0x7dc4)
#14 0x7ff23549a21c in clone (/lib64/libc.so.6+0xf621c)
{code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list