[asterisk-bugs] [JIRA] (ASTERISK-27658) WebSocket frames with 0 sized payload causes DoS
Kevin Harwell (JIRA)
noreply at issues.asterisk.org
Mon Apr 1 13:21:52 CDT 2019
[ https://issues.asterisk.org/jira/browse/ASTERISK-27658?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Harwell updated ASTERISK-27658:
-------------------------------------
Target Release Version/s: 16.3.0
> WebSocket frames with 0 sized payload causes DoS
> ------------------------------------------------
>
> Key: ASTERISK-27658
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-27658
> Project: Asterisk
> Issue Type: Security
> Components: Resources/res_http_websocket
> Affects Versions: 15.2.0
> Reporter: Sean Bright
> Assignee: Sean Bright
> Severity: Blocker
> Labels: security
> Target Release: 15.2.2, 15.3.0, 16.0.0, 16.3.0
>
> Attachments: AST-2018-006.pdf
>
>
> In ast_websocket_read() we don't adequately check that payload_len is > 0 before calling ws_safe_read(). Calling ws_safe_read with a len argument of 0 will result in a busy loop until the underlying socket is closed.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list