[asterisk-bugs] [JIRA] (ASTERISK-28454) res_fax.c UTF-8 validation for remotestationid and pbx_builtin_setvar_helper

Joshua C. Colp (JIRA) noreply at issues.asterisk.org
Wed Jun 19 17:54:47 CDT 2019 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-28454?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua C. Colp closed ASTERISK-28454.
-------------------------------------

    Resolution: Duplicate

As Asterisk is an open source project there is no time frame on when things will get looked into. Anyone is able to pick an issue and work on it if they so desire.

> res_fax.c UTF-8 validation for remotestationid and pbx_builtin_setvar_helper
> ----------------------------------------------------------------------------
>
>                 Key: ASTERISK-28454
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28454
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_fax
>    Affects Versions: 16.4.0
>         Environment: Linux
>            Reporter: Jodi Jones
>            Severity: Minor
>              Labels: fax
>
> A UTF-8 validation needs to be added to https://github.com/asterisk/asterisk/blob/master/res/res_fax.c#L1450, invalid utf-8 causes a segfault via json 
> IE
> {code}
> [Jun 10 17:08:15] VERBOSE[12546][C-00000003] res_fax.c: Channel 'SIP/VIBE-XC5-XS1-00000002' receiving FAX '/var/spool/asterisk/fax/fax-xxxxxx.tif'
> [Jun 10 17:08:16] VERBOSE[12545][C-00000002] netsock2.c: Using UDPTL CoS mark 5
> [Jun 10 17:08:18] VERBOSE[12546][C-00000003] netsock2.c: Using UDPTL CoS mark 5
> [Jun 10 17:08:51] ERROR[12545][C-00000002] json.c: Error building JSON from '{s: s, s: s}': Invalid UTF-8 string.
> [Jun 10 17:08:51] ERROR[12545][C-00000002] : Got 13 backtrace records
> # 0: /usr/sbin/asterisk(ast_json_pack+0x94) [0x4f77f4]
> # 1: /usr/sbin/asterisk(ast_channel_publish_varset+0x2b) [0x57dd2b]
> # 2: /usr/sbin/asterisk(pbx_builtin_setvar_helper+0x123) [0x533f13]
> # 3: /usr/lib/asterisk/modules/res_fax.so(+0x3de2) [0x7fdfe67a2de2]
> # 4: /usr/lib/asterisk/modules/res_fax.so(+0x95a7) [0x7fdfe67a85a7]
> # 5: /usr/lib/asterisk/modules/res_fax.so(+0x10df5) [0x7fdfe67afdf5]
> # 6: /usr/sbin/asterisk(pbx_exec+0xb9) [0x52ad09]
> # 7: /usr/sbin/asterisk() [0x51e6d5]
> # 8: /usr/sbin/asterisk() [0x520744]
> # 9: /usr/sbin/asterisk() [0x521ccb]
> #10: /usr/sbin/asterisk() [0x59e179]
> #11: /lib64/libpthread.so.0(+0x7dd5) [0x7fe037454dd5]
> #12: /lib64/libc.so.6(clone+0x6d) [0x7fe0364f4ead]
> [Jun 10 17:08:51] ERROR[12545][C-00000002] stasis_channels.c: Error creating message
> [Jun 10 17:08:51] ERROR[12545][C-00000002] json.c: Error building JSON from '{s: s, s: s, s: s, s: s, s: s, s: s, s: o}': Invalid UTF-8 string.
> [Jun 10 17:08:51] ERROR[12545][C-00000002] : Got 10 backtrace records
> # 0: /usr/sbin/asterisk(ast_json_pack+0x94) [0x4f77f4]
> # 1: /usr/lib/asterisk/modules/res_fax.so(+0x50c8) [0x7fdfe67a40c8]
> # 2: /usr/lib/asterisk/modules/res_fax.so(+0x10e4a) [0x7fdfe67afe4a]
> # 3: /usr/sbin/asterisk(pbx_exec+0xb9) [0x52ad09]
> # 4: /usr/sbin/asterisk() [0x51e6d5]
> # 5: /usr/sbin/asterisk() [0x520744]
> # 6: /usr/sbin/asterisk() [0x521ccb]
> # 7: /usr/sbin/asterisk() [0x59e179]
> # 8: /lib64/libpthread.so.0(+0x7dd5) [0x7fe037454dd5]
> # 9: /lib64/libc.so.6(clone+0x6d) [0x7fe0364f4ead]
> {code}
> Here is the character in question from the FAXOPT
> {code}
> [Jun 10 17:08:51] VERBOSE[12545][C-00000002] pbx.c: Executing [h at fax-rx:9] NoOp("SIP/VIBE-XC5-XS1-00000001", "FAXOPT(remotestationid) : ▒▒▒▒ ") in new stack
> {code}
> Validated segfault goes away by  not referencing *details->remotestationid* and using a static string in the function *set_channel_variables* from *res_fax.c*.
> Band-aid solution for our production environment (i understand this is not a proper fix)
> {code}
>         //pbx_builtin_setvar_helper(chan, "REMOTESTATIONID", S_OR(details->remotestationid, NULL));
>         pbx_builtin_setvar_helper(chan, "REMOTESTATIONID", S_OR("utf8_bypass", NULL));
> {code}
> We were getting several segfaults an hour when receiving fax's with dodgy remote station id's... we haven't had a single segfault since applying this work around.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list