[asterisk-bugs] [JIRA] (ASTERISK-28480) json integer overflow in ssrc and timestamp
Salah Ahmed (JIRA)
noreply at issues.asterisk.org
Thu Aug 1 19:31:48 CDT 2019
[ https://issues.asterisk.org/jira/browse/ASTERISK-28480?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=247681#comment-247681 ]
Salah Ahmed commented on ASTERISK-28480:
----------------------------------------
Hi Kevin,
Just checked the patches you mentioned. It cover all the places I meant to.
Thanks,
Salah
> json integer overflow in ssrc and timestamp
> -------------------------------------------
>
> Key: ASTERISK-28480
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-28480
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Core/RTP
> Affects Versions: 13.26.0
> Reporter: Salah Ahmed
> Assignee: Kevin Harwell
> Severity: Minor
>
> Hello,
> Recently we have found some integer overflow in ssrc and timestamp. After some research we have found jansson library has 3 types of integers representation.
> i (integer) [int]: Convert a C int to JSON integer.
> I (integer) [json_int_t]: Convert a C json_int_t to JSON integer.
> f (real) [double]: Convert a C double to JSON real.
> In some places "i" being used for ssrc and timestamp. Some time those values are get negative for some big number(Close to Max Unsigned Int). If use "I" instead of "i" this will be fixed for all cases.
> Thanks,
> Salah
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list