[asterisk-bugs] [JIRA] (ASTERISK-28449) scheduler: Supported time can be exceeded by PUBLISH

Gil Richard (JIRA) noreply at issues.asterisk.org
Mon Jun 17 08:25:47 CDT 2019


     [ https://issues.asterisk.org/jira/browse/ASTERISK-28449?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Gil Richard updated ASTERISK-28449:
-----------------------------------

    Description: 
The scheduler (main/sched.c) uses a signed integer value for setting timers in milliseconds.  The SIP RFC [3261 20.19] specifies an Expiry as being between 0 and (2**32)-1.  When converted to ms, the maximum value exceeds the bounds of a signed integer and becomes a negative value.

This can replicated by issuing a PUBLISH with an Expiry of 4294967295.  sched_settime() will complain about a negative time and assert 0.

Changing to an unsigned int or an unsigned long int will likely remedy the issue.

  was:
The schduler (main/sched.c) uses a signed integer value for setting timers in milliseconds.  The SIP RFC [3261 20.19] specifies an Expiry as being between 0 and (2**32)-1.  When converted to ms, the maximum value exceeds the bounds of a signed integer and becomes a negative value.

This can replicated by issuing a PUBLISH with an Expiry of 4294967295.  sched_settime() will complain about a negative time and assert 0.

Changing to an unsigned int or an unsigned long int will likely remedy the issue.


> scheduler: Supported time can be exceeded by PUBLISH
> ----------------------------------------------------
>
>                 Key: ASTERISK-28449
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28449
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/Platform, Resources/res_pjsip_pubsub
>    Affects Versions: 16.3.0
>            Reporter: Gil Richard
>            Severity: Minor
>
> The scheduler (main/sched.c) uses a signed integer value for setting timers in milliseconds.  The SIP RFC [3261 20.19] specifies an Expiry as being between 0 and (2**32)-1.  When converted to ms, the maximum value exceeds the bounds of a signed integer and becomes a negative value.
> This can replicated by issuing a PUBLISH with an Expiry of 4294967295.  sched_settime() will complain about a negative time and assert 0.
> Changing to an unsigned int or an unsigned long int will likely remedy the issue.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list