[asterisk-bugs] [JIRA] (ASTERISK-25715) [patch] ASAN:global-buffer-overflow pjsip

Rusty Newton (JIRA) noreply at issues.asterisk.org
Sun Jan 31 09:40:35 CST 2016


    [ https://issues.asterisk.org/jira/browse/ASTERISK-25715?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=229228#comment-229228 ] 

Rusty Newton commented on ASTERISK-25715:
-----------------------------------------

I don't understand - if you can attach the patch here - why can't you attach it to Gerrit?

Explain further and perhaps we can help.

> [patch] ASAN:global-buffer-overflow pjsip
> -----------------------------------------
>
>                 Key: ASTERISK-25715
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25715
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: pjproject/pjsip
>    Affects Versions: 13.7.0
>         Environment: centos 7 x64
>            Reporter: Badalian Vyacheslav
>            Assignee: Unassigned
>            Severity: Minor
>         Attachments: pj1.patch
>
>
> last master from
> https://github.com/asterisk/pjproject/issues
> {code}
> *CLI> =================================================================
> ==2372==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7f2039991340 at pc 0x7f2039924381 bp 0x7f2031300b40 sp 0x7f2031300b30
> READ of size 7 at 0x7f2039991340 thread T34
>     #0 0x7f2039924380 in pj_memcmp ../../pjlib/include/pj/string.h:682
>     #1 0x7f2039924380 in pjsip_method_init_np ../src/pjsip/sip_msg.c:254
>     #2 0x7f203992d602 in int_parse_req_line ../src/pjsip/sip_parser.c:1579
>     #3 0x7f203992d602 in int_parse_msg ../src/pjsip/sip_parser.c:975
>     #4 0x7f2039930cec in pjsip_parse_rdata ../src/pjsip/sip_parser.c:762
>     #5 0x7f203994e4f3 in pjsip_tpmgr_receive_packet ../src/pjsip/sip_transport.c:1768
>     #6 0x7f2039954bc0 in udp_on_read_complete ../src/pjsip/sip_transport_udp.c:175
>     #7 0x7f20375c74f9 in ioqueue_dispatch_read_event ../src/pj/ioqueue_common_abs.c:591
>     #8 0x7f20375cbdfa in pj_ioqueue_poll ../src/pj/ioqueue_select.c:966
>     #9 0x7f203993b4ea in pjsip_endpt_handle_events2 ../src/pjsip/sip_endpoint.c:741
>     #10 0x7f203a658576 in monitor_thread_exec /root/asterisk-13.7.0/res/res_pjsip.c:3555
>     #11 0x7f20375cea3d in thread_main ../src/pj/os_core_unix.c:541
>     #12 0x7f2045f0edc4 in start_thread (/lib64/libpthread.so.0+0x7dc4)
>     #13 0x7f20451ee21c in clone (/lib64/libc.so.6+0xf621c)
> 0x7f2039991340 is located 99422720 bytes insideASAN:SIGSEGV
> ==2372==AddressSanitizer: while reporting a bug found another one.Ignoring.
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)


