[asterisk-bugs] [JIRA] (ASTERISK-28978) acl: named_acl rule misconfiguration results in segfault on reading rule from realtime

Friendly Automation (JIRA) noreply at issues.asterisk.org
Mon Jul 20 10:00:27 CDT 2020


    [ https://issues.asterisk.org/jira/browse/ASTERISK-28978?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=251456#comment-251456 ] 

Friendly Automation commented on ASTERISK-28978:
------------------------------------------------

Change 14636 merged by Joshua Colp:
acl.c: Coerce a NULL pointer into the empty string

[https://gerrit.asterisk.org/c/asterisk/+/14636|https://gerrit.asterisk.org/c/asterisk/+/14636]

> acl: named_acl rule misconfiguration results in segfault on reading rule from realtime
> --------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-28978
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28978
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/ACL
>    Affects Versions: 16.11.1
>            Reporter: Andrew Yager
>            Assignee: Sean Bright
>            Severity: Minor
>              Labels: patch
>         Attachments: 0001-acl-Coerce-a-NULL-pointer-into-the-empty-string.patch
>
>
> If an ACL is misconfigured in the realtime database (for instance, the "rule" is blank) and Asterisk attempts to read the ACL, asterisk will segfault during reading the rule and crash. For some reason it doesn't seem to produce a coredump, however I haven't verified that this isn't because my system is incorrectly configured.
> This can be worked around by ensuring the ACLs are not misconfigured, but ideally asterisk should gracefully fail and not crash.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list