[asterisk-bugs] [JIRA] (ASTERISK-28480) json integer overflow in ssrc and timestamp

George Joseph (JIRA) noreply at issues.asterisk.org
Mon Jul 15 09:05:47 CDT 2019


     [ https://issues.asterisk.org/jira/browse/ASTERISK-28480?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

George Joseph updated ASTERISK-28480:
-------------------------------------

    Status: Open  (was: Triage)

> json integer overflow in ssrc and timestamp
> -------------------------------------------
>
>                 Key: ASTERISK-28480
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28480
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/RTP
>    Affects Versions: 13.26.0
>            Reporter: Salah Ahmed
>            Severity: Minor
>
> Hello,
> Recently we have found some integer overflow in ssrc and timestamp. After some research we have found jansson library has 3 types of integers representation. 
> i (integer) [int]: Convert a C int to JSON integer.
> I (integer) [json_int_t]: Convert a C json_int_t to JSON integer.
> f (real) [double]: Convert a C double to JSON real.
> In some places "i" being used for ssrc and timestamp. Some time those values are get negative for some big number(Close to Max Unsigned Int). If use "I" instead of "i" this will be fixed for all cases.
> Thanks,
> Salah 



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list