[asterisk-bugs] [JIRA] (ASTERISK-30259) ari: Crash on missing JSON validation in push registration
Asterisk Team (JIRA)
noreply at issues.asterisk.org
Mon Oct 10 05:21:09 CDT 2022
[ https://issues.asterisk.org/jira/browse/ASTERISK-30259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Asterisk Team updated ASTERISK-30259:
-------------------------------------
Assignee: Asterisk Team (was: Thomas Guebels)
Status: Triage (was: Waiting for Feedback)
> ari: Crash on missing JSON validation in push registration
> ----------------------------------------------------------
>
> Key: ASTERISK-30259
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-30259
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_ari, Resources/res_pjsip_outbound_registration
> Affects Versions: 18.14.0
> Reporter: Thomas Guebels
> Assignee: Asterisk Team
>
> When creating a new outbound registration using ARI push method, an unexpected JSON body can easily trigger a crash.
> The code expects "attribute" and "value" to be present and to be string in the objects of the field array.
> So anything not in the form
> {code}
> [
> {
> "attribute": "string",
> "value": "string"
> },
> ]
> {code}
> will trigger it. Example:
> {code}
> [
> {
> "attribute": "string",
> "value": 123
> },
> ]
> {code}
> or
> {code}
> [
> {
> },
> ]
> {code}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list