[asterisk-bugs] [JIRA] (ASTERISK-29024) pjsip: Route Header in Cancel request incorrectly set

Kevin Harwell (JIRA) noreply at issues.asterisk.org
Thu Oct 8 12:55:36 CDT 2020 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-29024?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=252373#comment-252373 ] 

Kevin Harwell commented on ASTERISK-29024:
------------------------------------------

[~ralf.kubis],

Thank you for the extra information and analysis!

I believe you are correct in your findings. It currently appears no one is working this issue at this time. If you'd like to hasten the process you can submit a patch [1] [2] for code review.

As far as the pjproject portion goes a patch would need to be submitted to pjproject for that [3]. However, that patch can then be included in Asterisk "pjproject bundled" patches directory (see _<src root>/third-party/pjproject/patches_) for inclusion with Asterisk until a version of pjproject is released with that patch (and when Asterisk "pjproject bundled" version is upgraded).

[1] https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process
[2] https://wiki.asterisk.org/wiki/display/AST/Gerrit+Usage
[3] https://github.com/pjsip/pjproject/issues

Thanks!

> pjsip: Route Header in Cancel request incorrectly set
> -----------------------------------------------------
>
>                 Key: ASTERISK-29024
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29024
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: pjproject/pjsip
>    Affects Versions: 17.6.0
>            Reporter: Flole Systems
>            Assignee: Unassigned
>
> When I initiate a call using PJSIP and Cancel the call while it's still ringing the Route-Header seems to be sent incorrectly. It looks like it's a pointer to a memory region that got overwritten. I saw internal IP Addresses in there aswell as some other stuff like "Route: <sip:}". The "Route: <sip:" is always set properly, just the part after the sip is never set correctly and also the closing ">" is always missing.
> As the memory region that it reads from can't be controlled it might happen that confidential data like a password is exposed over this.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list