[asterisk-bugs] [JIRA] (ASTERISK-26873) realtime_odbc: heap-buffer-overflow in SQLGetData
Badalian Vyacheslav (JIRA)
noreply at issues.asterisk.org
Tue Mar 14 16:07:10 CDT 2017
Badalian Vyacheslav created ASTERISK-26873:
----------------------------------------------
Summary: realtime_odbc: heap-buffer-overflow in SQLGetData
Key: ASTERISK-26873
URL: https://issues.asterisk.org/jira/browse/ASTERISK-26873
Project: Asterisk
Issue Type: Bug
Security Level: None
Reporter: Badalian Vyacheslav
Severity: Minor
{code}
=================================================================
==16938==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x606000160975 at pc 0x7fbb2500bff3 bp 0x7fbae98966b0 sp 0x7fbae9895e58
READ of size 22 at 0x606000160975 thread T153
#0 0x7fbb2500bff2 (/lib64/libasan.so.3+0x3cff2)
#1 0x7fbb1a2fbee5 in SQLGetData (/usr/lib64/libmyodbc5a.so+0x5fee5)
#2 0x7fbb1b544d66 in SQLGetData (/lib64/libodbc.so.2+0x19d66)
#3 0x7fbb13913ec6 in realtime_odbc /home/pbs.vbadalyan/asterisk-13.14.0/res/res_config_odbc.c:261
#4 0x5a6c6f in ast_load_realtime_all_fields /home/pbs.vbadalyan/asterisk-13.14.0/main/config.c:3257
#5 0x5a76db in ast_load_realtime_fields /home/pbs.vbadalyan/asterisk-13.14.0/main/config.c:3291
#6 0x5a76db in ast_load_realtime /home/pbs.vbadalyan/asterisk-13.14.0/main/config.c:3340
#7 0x7fbaef2e21a4 in realtime_peer_by_name /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:5439
#8 0x7fbaef2e21a4 in realtime_peer /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:5626
#9 0x7fbaef2e21a4 in sip_find_peer_full /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:5741
#10 0x7fbaef2e2e68 in sip_find_peer /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:5780
#11 0x7fbaef3412ff in register_verify /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:17628
#12 0x7fbaef345fee in handle_request_register /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:28467
#13 0x7fbaef345fee in handle_incoming /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:28775
#14 0x7fbaef34ac4a in handle_request_do /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:28943
#15 0x7fbaef34e10e in sip_websocket_callback /home/pbs.vbadalyan/asterisk-13.14.0/channels/chan_sip.c:2659
#16 0x7fbb0d13abf4 in __ast_websocket_uri_cb /home/pbs.vbadalyan/asterisk-13.14.0/res/res_http_websocket.c:905
#17 0x63cb05 in handle_uri /home/pbs.vbadalyan/asterisk-13.14.0/main/http.c:1482
#18 0x63cb05 in httpd_process_request /home/pbs.vbadalyan/asterisk-13.14.0/main/http.c:1906
#19 0x63d599 in httpd_helper_thread /home/pbs.vbadalyan/asterisk-13.14.0/main/http.c:1993
#20 0x7930cf in handle_tcptls_connection /home/pbs.vbadalyan/asterisk-13.14.0/main/tcptls.c:742
#21 0x7b212f in dummy_start /home/pbs.vbadalyan/asterisk-13.14.0/main/utils.c:1235
#22 0x7fbb22e83dc4 in start_thread (/lib64/libpthread.so.0+0x7dc4)
#23 0x7fbb2216373c in clone (/lib64/libc.so.6+0xf773c)
{code}
some effect with mysql-connector-odbc-5.3.7-1.el7.x86_64 and mysql-connector-odbc-5.3.6-1.el7.x86_64
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list