[asterisk-bugs] [JIRA] (ASTERISK-28978) acl: named_acl rule misconfiguration results in segfault on reading rule from realtime
Andrew Yager (JIRA)
noreply at issues.asterisk.org
Fri Jul 10 23:05:25 CDT 2020
[ https://issues.asterisk.org/jira/browse/ASTERISK-28978?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Yager updated ASTERISK-28978:
------------------------------------
Status: Waiting for Feedback (was: Waiting for Feedback)
Confirmed the attached patch solves the problem and produces the expected output.
{code}
Could not find ACL named 'test'
*CLI> [2020-07-11 04:02:13] WARNING[2247]: acl.c:617 append_ha_core: Invalid IP address:
[2020-07-11 04:02:13] ERROR[2247]: named_acl.c:273 named_acl_find_realtime: Rejecting realtime ACL due to bad ACL definition 'test': 1 - permit - (null)
{code}
> acl: named_acl rule misconfiguration results in segfault on reading rule from realtime
> --------------------------------------------------------------------------------------
>
> Key: ASTERISK-28978
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-28978
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Core/ACL
> Affects Versions: 16.11.1
> Reporter: Andrew Yager
> Assignee: Andrew Yager
> Severity: Minor
> Labels: patch
> Attachments: 0001-acl-Coerce-a-NULL-pointer-into-the-empty-string.patch
>
>
> If an ACL is misconfigured in the realtime database (for instance, the "rule" is blank) and Asterisk attempts to read the ACL, asterisk will segfault during reading the rule and crash. For some reason it doesn't seem to produce a coredump, however I haven't verified that this isn't because my system is incorrectly configured.
> This can be worked around by ensuring the ACLs are not misconfigured, but ideally asterisk should gracefully fail and not crash.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list