[asterisk-bugs] [JIRA] (ASTERISK-25490) [patch]SDP crypto tag is validated incorrectly
Joerg Sonnenberger (JIRA)
noreply at issues.asterisk.org
Wed Mar 29 15:50:10 CDT 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-25490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=236190#comment-236190 ]
Joerg Sonnenberger commented on ASTERISK-25490:
-----------------------------------------------
The extra buffer is only for the verification that the input matches the parsed result, i.e. no additional junk is present like trailing garbage, plus signs, whitespace etc. That's the only reason for it.
> [patch]SDP crypto tag is validated incorrectly
> ----------------------------------------------
>
> Key: ASTERISK-25490
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25490
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/SRTP
> Affects Versions: 13.13.1, 14.2.1
> Environment: Interoperability with Snom D725
> Reporter: Joerg Sonnenberger
> Attachments: patch-channels_sip_sdp__crypto.c
>
>
> When trying to forward a call from a D725 with encrypted RTP, the crypto handshake fails as the phone tries to use a zero crypto tag.
> A potential fix can be found in https://www.netbsd.org/~joerg/patch-channels_sip_sdp__crypto.c
> The same issue should apply to newer releases as well, but I can't test that easily.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list