[asterisk-bugs] [JIRA] (ASTERISK-21205) [patch] dundi_read_result crash due to negative number

Asterisk Team (JIRA) noreply at issues.asterisk.org
Thu Apr 23 12:05:32 CDT 2020


     [ https://issues.asterisk.org/jira/browse/ASTERISK-21205?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Asterisk Team updated ASTERISK-21205:
-------------------------------------

    Target Release Version/s: 16.10.0

> [patch] dundi_read_result crash due to negative number
> ------------------------------------------------------
>
>                 Key: ASTERISK-21205
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-21205
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: PBX/pbx_dundi
>    Affects Versions: 11.2.1, 13.18.4
>         Environment: gentoo linux
> kernel 3.7.3
>            Reporter: Jaco Kroon
>              Labels: patch
>      Target Release: 13.33.0, 16.10.0
>
>         Attachments: asterisk-11.2.1-dundi-segfault-on-fail.patch
>
>
> Should dundi_lookup_internal return a negative number then so will dundi_lookup, which usually gets assigned to num_results, which is an unsigned int.  Later when sorting this number is taken "as is", which then results in an out-of-bounds situation and a segfault (usually).



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list