[asterisk-bugs] [JIRA] (ASTERISK-28449) scheduler: Supported time can be exceeded by PUBLISH
Gil Richard (JIRA)
noreply at issues.asterisk.org
Mon Jun 17 08:25:47 CDT 2019
[ https://issues.asterisk.org/jira/browse/ASTERISK-28449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gil Richard updated ASTERISK-28449:
-----------------------------------
Description:
The scheduler (main/sched.c) uses a signed integer value for setting timers in milliseconds. The SIP RFC [3261 20.19] specifies an Expiry as being between 0 and (2**32)-1. When converted to ms, the maximum value exceeds the bounds of a signed integer and becomes a negative value.
This can replicated by issuing a PUBLISH with an Expiry of 4294967295. sched_settime() will complain about a negative time and assert 0.
Changing to an unsigned int or an unsigned long int will likely remedy the issue.
was:
The schduler (main/sched.c) uses a signed integer value for setting timers in milliseconds. The SIP RFC [3261 20.19] specifies an Expiry as being between 0 and (2**32)-1. When converted to ms, the maximum value exceeds the bounds of a signed integer and becomes a negative value.
This can replicated by issuing a PUBLISH with an Expiry of 4294967295. sched_settime() will complain about a negative time and assert 0.
Changing to an unsigned int or an unsigned long int will likely remedy the issue.
> scheduler: Supported time can be exceeded by PUBLISH
> ----------------------------------------------------
>
> Key: ASTERISK-28449
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-28449
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Core/Platform, Resources/res_pjsip_pubsub
> Affects Versions: 16.3.0
> Reporter: Gil Richard
> Severity: Minor
>
> The scheduler (main/sched.c) uses a signed integer value for setting timers in milliseconds. The SIP RFC [3261 20.19] specifies an Expiry as being between 0 and (2**32)-1. When converted to ms, the maximum value exceeds the bounds of a signed integer and becomes a negative value.
> This can replicated by issuing a PUBLISH with an Expiry of 4294967295. sched_settime() will complain about a negative time and assert 0.
> Changing to an unsigned int or an unsigned long int will likely remedy the issue.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list